www.ingdirect-es.info Open in urlscan Pro
104.21.58.251 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ingdirect-es.info/login
Submission: On January 11 via api (January 11th 2024, 10:57:01 am UTC) from NL — Scanned from ES

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 104.21.58.251, located in and belongs to CLOUDFLARENET, US. The main domain is www.ingdirect-es.info.
TLS certificate: Issued by GTS CA 1P5 on January 10th 2024. Valid for: 3 months.

This is the only time www.ingdirect-es.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address		AS Autonomous System
3 19	104.21.58.251 104.21.58.251		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	1

19 104.21.58.251 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.ingdirect-es.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	ingdirect-es.info 3 redirects www.ingdirect-es.info	69 KB
16	1

	Domain	Requested by
19	www.ingdirect-es.info	3 redirects www.ingdirect-es.info
16	1

This site contains no links.

Subject Issuer	Validity	Valid
ingdirect-es.info GTS CA 1P5	`2024-01-10` - `2024-04-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.ingdirect-es.info/login
Frame ID: 3DC1DB2CBEC3DB8C1919DC3678830AD0
Requests: 14 HTTP requests in this frame

Frame: https://www.ingdirect-es.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 743FCBB0D10D87DABF849AFA15E5E942
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Document

Page URL History Show full URLs

https://www.ingdirect-es.info/login HTTP 302
https://www.ingdirect-es.info/ HTTP 302
https://www.ingdirect-es.info/login Page URL

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

67 kB
Transfer

133 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.ingdirect-es.info/login HTTP 302
https://www.ingdirect-es.info/ HTTP 302
https://www.ingdirect-es.info/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.ingdirect-es.info/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.ingdirect-es.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.ingdirect-es.info/
Redirect Chain

https://www.ingdirect-es.info/login
https://www.ingdirect-es.info/
https://www.ingdirect-es.info/login

4 KB
2 KB

296ms
295ms

Document
text/html

104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingdirect-es.info/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2de07181d8c52d1d6e6c40b50863e22704327c592b832c86a7e010ecdbe1e28f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 843ca2d4095b8678-MAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 10:56:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djvo%2BdwQxdaindVX%2BKHJYYY8H96nJULTHRFigVJc8wBXZf0snrbuPw0bn6Sv44KG4QrwTVXIxy%2BNkP63D98z5MaNL7qcjo26kfWeASmD%2BUWMzvA2PVCK2Gazy7e0pjSJEWj7DvcUmvg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 843ca2cc1a4c8678-MAD
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 10:56:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ./login
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySQk5vio0lmgp0z8%2Fvd4Ri282Ll7T7Mreqz6On1YWRX7ULEWbRAt2aDjKSNzIz40lPkniTJPx4zQYTKkYhoGYffgK3CPq7qBlVi6ZUzfhpC5NwVUmF4%2BTttIZPykf0YMeD6mWtKiyEM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 normalize.css
www.ingdirect-es.info/assets/css/ 8 KB
2 KB 133ms
126ms Stylesheet
text/css 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingdirect-es.info/assets/css/normalize.css
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6f17989f6edbc4bc487a88f28df128f221568c3841f21d0555fe78889cc1e26

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 03:30:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 44092
etag: W/"6440b1ba-2125"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCINFF%2FeqDNyWzkiRj9ZsHL%2F9na9ikwPwLxyJ59EY95uQL4BM86My5KVsM8fwbP57FfJKfB5SasYcASOXDfJ8InETpry%2FLliLrFzhepZBMyHjDqPTcXXHctL6McpX9Hae8belhbT3Vc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 843ca2d56c388678-MAD
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.ingdirect-es.info/assets/css/ 13 KB
3 KB 130ms
125ms Stylesheet
text/css 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingdirect-es.info/assets/css/style.css
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3852ceb132b384cd80819aae000a0ec30e024a00ca66d20334943d85fab8e312

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 Oct 2023 10:57:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 44091
etag: W/"6533ae97-3244"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVHek0dljSlb02Rlij%2BOdUgoBJR2HW3iLmKtQ9PWpjAVV4FAXA2Qqvjq9nkzoTclCxpj8%2BXllhSjWdo0Iy1qTeWlobwDmTtB9nOSlMq8GYo8I8bI%2BoicbfE6towc3gf%2FRPr4WpYVsqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 843ca2d56c3b8678-MAD
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e3f40009f3551a33351ee943b8654cbb.svg
www.ingdirect-es.info/assets/img/ 37 KB
9 KB 133ms
129ms Image
image/svg+xml 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ingdirect-es.info/assets/img/e3f40009f3551a33351ee943b8654cbb.svg
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a77d762d62e1948dd5c2346672422e68cea346657fe350c42a30705721100cf

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 17:08:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 44091
etag: W/"6453e688-9595"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xqTIspUK5GzfVF7PhUkcvhzM%2FixwXiZL5zzs7VkJRK7mJta00IUUN%2FzuX9O5Wglf6Z8DpTERXrqV3KLk1WbGHFdixAqfUt0a%2BrYwI55HCmjpdiMaHT5lyVAm7nUX3J2QTPaUI6%2F2f8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 843ca2d56c3e8678-MAD
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 phone-icon.png
www.ingdirect-es.info/assets/img/ 2 KB
2 KB 134ms
130ms Image
image/png 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ingdirect-es.info/assets/img/phone-icon.png
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba35e49440ce55e2f7d64f26ba045e5fc46ab90299e6e63b57696abf942135c

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44091
alt-svc: h3=":443"; ma=86400
content-length: 1663
last-modified: Thu, 04 May 2023 17:36:02 GMT
server: cloudflare
etag: "6453ed02-67f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRdFMDYQvpOt9k4w70NAJdqMMvRwW5LA53fNxX4EgHNXy%2FO9wMAoMEJUcfvOK3LMfIQH7Nunlq0VtwW%2FifBl4U0kYzV6H4cCQtM8uyboP9zTkcANwzuzWsDsFyQemSUepqcjDw4Mj9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 843ca2d56c3f8678-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 left-icon.png
www.ingdirect-es.info/assets/img/ 273 B
608 B 131ms
128ms Image
image/png 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ingdirect-es.info/assets/img/left-icon.png
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a92897dc4282e49189d2638a1a68c79b92a41cf8cb1e4535b9b03cf3c75f5de

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44092
alt-svc: h3=":443"; ma=86400
content-length: 273
last-modified: Fri, 05 May 2023 14:37:04 GMT
server: cloudflare
etag: "64551490-111"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1sDATFH3xLuE%2FgAC2OUPOzKL493fXrBcG4dGmw93VEUpceJ0U6nct79%2FYwHgLxSvo1JwYB8%2Bi7%2FdNpXv3obtdsRGD%2B5BcgZt0ovK86DWHArgXj4%2FwhdHH0lpwfJVzdgU0Y9qcS%2BXos%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 843ca2d56c408678-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.js Show response
www.ingdirect-es.info/assets/js/ 5 KB
2 KB 129ms
127ms Script
application/javascript 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingdirect-es.info/assets/js/app.js
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1099a73640fce9576865ded36b2c21615fc000f9b21ff64a2576fc801c11ee02

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 Oct 2023 10:42:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 44092
etag: W/"6533aafe-13d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lajWV9M5ITdE5%2FEQ7RWenkcOvhYYKgy%2BsoLs5ihzwyjFXTbr3dqUSFuiVJO7nlo5b7m%2Fpjrxk1n2%2BWwSDd0OYsTVYqmzMlXt0EVilauyLevxsRUGuxsjQ6jwcSzspBBEGh%2BOwLy1xM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 843ca2d56c438678-MAD
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 live.js Show response
www.ingdirect-es.info/assets/js/ 512 B
631 B 133ms
131ms Script
application/javascript 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingdirect-es.info/assets/js/live.js
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec9bc0394da11ae51636c01a4a539b861e8ae14818592dc61931b94476356f4a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2023 07:55:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 44092
etag: W/"63f3278a-200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEmwznIYAH%2FS4ADIs%2BhpwTakOuZtN3VlZ5I5waavd7NI9rkmNUZ4eD3jN8Bt%2FoVRTYilsgSW5I3YYa7CqqZHI7IHgbImzT5%2FF9boOYigMloWtS5W%2BHzGMRB1zbaGGgAShiXB5p%2BZQ0U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 843ca2d56c448678-MAD
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fcc1889b9ff054ccc3edbca148a17426.svg
www.ingdirect-es.info/assets/img/ 27 KB
12 KB 65ms
65ms Image
image/svg+xml 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ingdirect-es.info/assets/img/fcc1889b9ff054ccc3edbca148a17426.svg
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b3c4d3e255d73ca9e57959f5860c8357dbfad51249a6ee5a969c0d75f38f462

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/assets/css/style.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 17:08:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 44090
etag: W/"6453e6a0-6c45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Um%2B6eLuOwHKFi3yDF91Gx%2F0tDlxGpCyyHAkZBfuDOWwS6uSGUO90ShI%2FPdhuGtA8uk2fs%2FSO54sTg24tvAYcHz4GfjayzOjCbNG6nlI6TdYv%2BtRFfoaVz1N3%2BjVqEJdf84VpcLhvRP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 843ca2d5ed818678-MAD
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 97205b19383b6a85ef38eb0997c23c35.woff2
www.ingdirect-es.info/assets/css/fonts/ 29 KB
29 KB 78ms
77ms Font
application/octet-stream 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingdirect-es.info/assets/css/fonts/97205b19383b6a85ef38eb0997c23c35.woff2
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155

Request headers

Referer: https://www.ingdirect-es.info/assets/css/style.css
Origin: https://www.ingdirect-es.info
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:57 GMT
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 17:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4381
etag: "73b0-5fae16795a800"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNrGWHBppWqp39r%2FfEls6TW1EPIA%2Fu1nNlC8EoZ72NHVpQ3mrqsYQlaESGiWHiiXoYdAhPpDP%2B2U7h4g6sxlHm3LYnSUiq8R%2Bl%2BXUsdW6N0wUUaRRPfqJSA2ZwkNJTbw3dQobbM77ns%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843ca2d5ed7e8678-MAD
alt-svc: h3=":443"; ma=86400
content-length: 29616

GET
H2

200

main.js Show response
www.ingdirect-es.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 743F
Redirect Chain

https://www.ingdirect-es.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.ingdirect-es.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

94ms
93ms

Script
application/javascript

104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ingdirect-es.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Protocol

Server

104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80451a8af862ea3d6fa09f3370ea6fb9ec8ac44b4e28be3323b6c5064b5d5e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FF2sTAT6z6ItTe%2BC%2FcPnzyDBBBkzkNKYiwjKWAu4lkEuAXev%2BYvauu0dCCVSWvscLN2u%2F9rgdpUSauWs5qQ%2FlL0OyW19YWgLWdyfOs3TKbN8r7qGAtQ596rzU7ZGjL3mHwTmczTXNQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 843ca2d6df9a8678-MAD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 11 Jan 2024 10:56:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zu71%2F%2BFIi%2F0iDJtj2ARkRVNQMrzt6oiiXkLhf9SdVwqJPYL%2BmNNSNDi4yeHKkU5xy0c3BhQMD8VXINDYdQvWTAdWsZyufKMSR2zIr%2BQj5BfTGdIKqTq1DLx2FEUWJ9722UcaUYbZctc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 843ca2d61e108678-MAD
alt-svc: h3=":443"; ma=86400

POST
H2 200 843ca2d4095b8678 Show response
www.ingdirect-es.info/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 743F 0
539 B 75ms
75ms XHR
text/plain 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingdirect-es.info/cdn-cgi/challenge-platform/h/b/jsd/r/843ca2d4095b8678
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Thu, 11 Jan 2024 10:56:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yl0iFD9ifkD6qLFFV4l3agq1dHJQtd2ODiwsoBjSgE5DVCSBqs%2BzVJ9k3WpWdABJgnRZc2Bnz4VWHhX85fWviEDs1ShHFrLaZMqxZDCfMXyrJdR790g1UQ9ga1W1MzNog3wVmVkwFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 843ca2d7c9e08678-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 updateOnline.php Show response
www.ingdirect-es.info/helpers/ 8 B
332 B 121ms
120ms XHR
text/html 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingdirect-es.info/helpers/updateOnline.php?user_id=a880a6a5dbe7d376420bbb5bd9f220a8
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/assets/js/live.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f034f9986ae0fa2e3de3b40fcc378bacf6a5a01d269af841121501f610ddc65b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uj%2FUOwF0DwAPPxbE6acZSsc1P5V9L08Vqc2OyEzVsOBzxd6cKMW9O4X35K9ypUG1qvfjpPZMWUDx6h4Dk5GT1Vg8C%2BW5PtDh07dBaOXal1vOrAmCt8LS86geILcLZ7Sx16JeLEhbKN4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 843ca2dcabbc8678-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 updateOnline.php Show response
www.ingdirect-es.info/helpers/ 8 B
316 B 228ms
227ms XHR
text/html 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingdirect-es.info/helpers/updateOnline.php?user_id=a880a6a5dbe7d376420bbb5bd9f220a8
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/assets/js/live.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f034f9986ae0fa2e3de3b40fcc378bacf6a5a01d269af841121501f610ddc65b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:56:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gFFUwUutOBEvI9ylL3%2BOIb046HFdIELvntshJ0KZYNMJSllR%2BfL9h6k0K24rh73%2BJsuUU0OXM%2BLuFMcHGJx%2FW9Y18TQI95kUOJy%2BJOfBd9gIAELZJbAL8mQL%2Bj9meMPyhWTnq3qdhs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 843ca2e368e08678-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 updateOnline.php Show response
www.ingdirect-es.info/helpers/ 8 B
303 B 381ms
380ms XHR
text/html 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingdirect-es.info/helpers/updateOnline.php?user_id=a880a6a5dbe7d376420bbb5bd9f220a8
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/assets/js/live.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f034f9986ae0fa2e3de3b40fcc378bacf6a5a01d269af841121501f610ddc65b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:57:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9dvgffPh0UOcGtgqz6VcasgnjUUX8FUM3wxik7f0G09hsAuaz8ujLeIZvWxRcHKHTY3RLEyT0SbLsO7ijQCGFuY8WC2vJLI75hPz1ouYDhfoCsifahlMUVopNZ%2Fiwsrjo6WB%2FqHVws%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 843ca2ea0d438678-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 updateOnline.php Show response
www.ingdirect-es.info/helpers/ 8 B
307 B 374ms
374ms XHR
text/html 104.21.58.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ingdirect-es.info/helpers/updateOnline.php?user_id=a880a6a5dbe7d376420bbb5bd9f220a8
Requested by: Host: www.ingdirect-es.info
URL: https://www.ingdirect-es.info/assets/js/live.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f034f9986ae0fa2e3de3b40fcc378bacf6a5a01d269af841121501f610ddc65b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.ingdirect-es.info/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 10:57:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpySn87Rj0ODScooAZ3%2BKySrD7XVH6eyrgcNy3Ozq7oSn1c8HEJ4i8dR3uLnn9GhXKwdXmWiSwqXFVF%2Fd%2FEHienqW0bi7vp9zG4co9vEBzBY2WLOiOz%2B1cCYafSKTC04xyabUPx2mKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 843ca2efe8c28678-MAD
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.ingdirect-es.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 25cjdpsilcnrq0ila1j7249o99
			.ingdirect-es.info/	1970-01-21 02:21:46	Name: cf_clearance Value: DAgX4.kKltTYFNZTsKZabGAPQAy6FxXWAiS71.EZukw-1704970617-0-2-ef9c7ab0.aa631696.b89d2550-0.2.1704970617

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.ingdirect-es.info
104.21.58.251
0ba35e49440ce55e2f7d64f26ba045e5fc46ab90299e6e63b57696abf942135c
1099a73640fce9576865ded36b2c21615fc000f9b21ff64a2576fc801c11ee02
1a77d762d62e1948dd5c2346672422e68cea346657fe350c42a30705721100cf
1a92897dc4282e49189d2638a1a68c79b92a41cf8cb1e4535b9b03cf3c75f5de
2de07181d8c52d1d6e6c40b50863e22704327c592b832c86a7e010ecdbe1e28f
3852ceb132b384cd80819aae000a0ec30e024a00ca66d20334943d85fab8e312
6b3c4d3e255d73ca9e57959f5860c8357dbfad51249a6ee5a969c0d75f38f462
80451a8af862ea3d6fa09f3370ea6fb9ec8ac44b4e28be3323b6c5064b5d5e90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f17989f6edbc4bc487a88f28df128f221568c3841f21d0555fe78889cc1e26
ec9bc0394da11ae51636c01a4a539b861e8ae14818592dc61931b94476356f4a
f034f9986ae0fa2e3de3b40fcc378bacf6a5a01d269af841121501f610ddc65b
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155

www.ingdirect-es.info Open in urlscan Pro 104.21.58.251 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

67 kBTransfer

133 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

2 Cookies

Indicators

www.ingdirect-es.info Open in urlscan Pro
104.21.58.251 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

67 kB
Transfer

133 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!