www.ingdirect-es.info
Open in
urlscan Pro
104.21.58.251
Malicious Activity!
Public Scan
Submission: On January 11 via api from NL — Scanned from ES
Summary
TLS certificate: Issued by GTS CA 1P5 on January 10th 2024. Valid for: 3 months.
This is the only time www.ingdirect-es.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 19 | 104.21.58.251 104.21.58.251 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
16 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
ingdirect-es.info
3 redirects
www.ingdirect-es.info |
69 KB |
16 | 1 |
Domain | Requested by | |
---|---|---|
19 | www.ingdirect-es.info |
3 redirects
www.ingdirect-es.info
|
16 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ingdirect-es.info GTS CA 1P5 |
2024-01-10 - 2024-04-09 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.ingdirect-es.info/login
Frame ID: 3DC1DB2CBEC3DB8C1919DC3678830AD0
Requests: 14 HTTP requests in this frame
Frame:
https://www.ingdirect-es.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 743FCBB0D10D87DABF849AFA15E5E942
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
DocumentPage URL History Show full URLs
-
https://www.ingdirect-es.info/login
HTTP 302
https://www.ingdirect-es.info/ HTTP 302
https://www.ingdirect-es.info/login Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.ingdirect-es.info/login
HTTP 302
https://www.ingdirect-es.info/ HTTP 302
https://www.ingdirect-es.info/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://www.ingdirect-es.info/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://www.ingdirect-es.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
www.ingdirect-es.info/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
normalize.css
www.ingdirect-es.info/assets/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.ingdirect-es.info/assets/css/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e3f40009f3551a33351ee943b8654cbb.svg
www.ingdirect-es.info/assets/img/ |
37 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phone-icon.png
www.ingdirect-es.info/assets/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
left-icon.png
www.ingdirect-es.info/assets/img/ |
273 B 608 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
www.ingdirect-es.info/assets/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
live.js
www.ingdirect-es.info/assets/js/ |
512 B 631 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fcc1889b9ff054ccc3edbca148a17426.svg
www.ingdirect-es.info/assets/img/ |
27 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
97205b19383b6a85ef38eb0997c23c35.woff2
www.ingdirect-es.info/assets/css/fonts/ |
29 KB 29 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www.ingdirect-es.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 743F Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
843ca2d4095b8678
www.ingdirect-es.info/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 743F |
0 539 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updateOnline.php
www.ingdirect-es.info/helpers/ |
8 B 332 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updateOnline.php
www.ingdirect-es.info/helpers/ |
8 B 316 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updateOnline.php
www.ingdirect-es.info/helpers/ |
8 B 303 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updateOnline.php
www.ingdirect-es.info/helpers/ |
8 B 307 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture function| checkTypeDni function| numPad function| addMonthValues function| addYearValues function| cloneDivs function| showPass function| validVmovil function| balanceForm function| Online function| saludar2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.ingdirect-es.info/ | Name: PHPSESSID Value: 25cjdpsilcnrq0ila1j7249o99 |
|
.ingdirect-es.info/ | Name: cf_clearance Value: DAgX4.kKltTYFNZTsKZabGAPQAy6FxXWAiS71.EZukw-1704970617-0-2-ef9c7ab0.aa631696.b89d2550-0.2.1704970617 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.ingdirect-es.info
104.21.58.251
0ba35e49440ce55e2f7d64f26ba045e5fc46ab90299e6e63b57696abf942135c
1099a73640fce9576865ded36b2c21615fc000f9b21ff64a2576fc801c11ee02
1a77d762d62e1948dd5c2346672422e68cea346657fe350c42a30705721100cf
1a92897dc4282e49189d2638a1a68c79b92a41cf8cb1e4535b9b03cf3c75f5de
2de07181d8c52d1d6e6c40b50863e22704327c592b832c86a7e010ecdbe1e28f
3852ceb132b384cd80819aae000a0ec30e024a00ca66d20334943d85fab8e312
6b3c4d3e255d73ca9e57959f5860c8357dbfad51249a6ee5a969c0d75f38f462
80451a8af862ea3d6fa09f3370ea6fb9ec8ac44b4e28be3323b6c5064b5d5e90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f17989f6edbc4bc487a88f28df128f221568c3841f21d0555fe78889cc1e26
ec9bc0394da11ae51636c01a4a539b861e8ae14818592dc61931b94476356f4a
f034f9986ae0fa2e3de3b40fcc378bacf6a5a01d269af841121501f610ddc65b
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155