www.zakelijk.ing.steek.18695-2480.s1.webspace.re
45.88.108.231
Malicious Activity!
Public Scan
Effective URL: https://www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/f0caac3ba1372e0e7dcec3d96b5b6cbf/login/
Submission: On November 25 via manual from NL — Scanned from NL
Summary
TLS certificate: Issued by R3 on November 25th 2021. Valid for: 3 months.
This is the only time www.zakelijk.ing.steek.18695-2480.s1.webspace.re was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 76.76.21.21 | 16509 (AMAZON-02) |
2 29 | 45.88.108.231 | 44486 (SYNLINQ synlinq.de) |
28 | 2 | |
ASN44486 (SYNLINQ synlinq.de, DE)
PTR: plesk1.living-bots.net
www.zakelijk.ing.steek.18695-2480.s1.webspace.re
 | Apex Domain Subdomains | Transfer |
---|---|---|
29 | webspace.re (2 redirects): www.zakelijk.ing.steek.18695-2480.s1.webspace.re | 458 KB |
1 | toad.li (1 redirects): toad.li | 228 B |
28 | 2 | |
 | Domain | Requested by |
---|---|---|
29 | www.zakelijk.ing.steek.18695-2480.s1.webspace.re | 2 redirects www.zakelijk.ing.steek.18695-2480.s1.webspace.re |
1 | toad.li | 1 redirects |
28 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
inlogcodes.mijn.ing.nl |
Subject Issuer | Validity | Valid |
---|---|---|
www.zakelijk.ing.steek.18695-2480.s1.webspace.re R3 | 2021-11-25 - 2022-02-23 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/f0caac3ba1372e0e7dcec3d96b5b6cbf/login/
Frame ID: 88F420D64548148584BFC4BD796AA72C
Requests: 28 HTTP requests in this frame
Page Title
Lоg in bij Mijn ING - ING Bаnkieren
Page URL History
- https://toad.li/wereldreis1 HTTP 301
  https://www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/ Page URL
- https://www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/f0caac3ba1372e0e7dcec3d96b5b6cbf HTTP 301
  https://www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/f0caac3ba1372e0e7dcec3d96b5b6cbf/ HTTP 302
  https://www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/f0caac3ba1372e0e7dcec3d96b5b6cbf/login/ Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://toad.li/wereldreis1 HTTP 301
- https://www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/
28 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/ (Redirect Chain) | 720 B | 608 B | Document | text/html |
GET H2 | / (Primary Request) | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/f0caac3ba1372e0e7dcec3d96b5b6cbf/login/ (Redirect Chain) | 59 KB | 7 KB | Document | text/html |
GET H2 | jquery.min.js | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/bower_components/jquery/dist/ | 85 KB | 29 KB | Script | application/javascript |
GET H2 | ua-parser.min.js | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/bower_components/ua-parser-js/dist/ | 17 KB | 6 KB | Script | application/javascript |
GET H2 | font-awesome.min.css | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/bower_components/font-awesome/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET H2 | jquery.maskedinput.min.js | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/bower_components/jquery.maskedinput/dist/ | 16 KB | 3 KB | Script | application/javascript |
GET H2 | angular.min.js | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/bower_components/angular/ | 165 KB | 55 KB | Script | application/javascript |
GET H2 | css.css | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/form/ | 4 KB | 1 KB | Stylesheet | text/css |
GET H2 | index.css | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 11 KB | 3 KB | Stylesheet | text/css |
GET H2 | ing-logo.svg | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 11 KB | 12 KB | Image | image/svg+xml |
GET H2 | cross.png | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 2 KB | 3 KB | Image | image/png |
GET H2 | arrow-chevron-open-right.svg | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 366 B | 539 B | Image | image/svg+xml |
GET H2 | menu-close.svg | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 348 B | 521 B | Image | image/svg+xml |
GET H2 | alert-info.svg | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 590 B | 763 B | Image | image/svg+xml |
GET H2 | alert-error.svg | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 623 B | 796 B | Image | image/svg+xml |
GET H2 | untitled | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 1 KB | 1 KB | Image | text/html |
GET H2 | headn.png | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 35 KB | 35 KB | Image | image/png |
GET H2 | wifi-router-flat-vector-800x566.png | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 20 KB | 20 KB | Image | image/png |
GET H2 | conirm_with_mobile.png | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 186 KB | 186 KB | Image | image/png |
GET H2 | p2 | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 1 KB | 1 KB | Image | text/html |
GET H2 | form.js | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/form/ | 11 KB | 3 KB | Script | application/javascript |
GET H2 | ng.js | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ng/ | 5 KB | 1 KB | Script | application/javascript |
GET H2 | token.js | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/token/ | 11 KB | 2 KB | Script | application/javascript |
GET H2 | 811383197.svg | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 21 KB | 21 KB | Image | image/svg+xml |
GET | gate.php | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/uadmin/ | 0 | 0 | | |
GET H2 | gate.php | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/uadmin/ | 57 B | 244 B | XHR | application/javascript |
GET H2 | _388920554.woff2 | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 29 KB | 29 KB | Font | font/woff2 |
GET H2 | 1224525800.woff2 | www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/login/ | 30 KB | 30 KB | Font | font/woff2 |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.zakelijk.ing.steek.18695-2480.s1.webspace.re
- URL: https://www.zakelijk.ing.steek.18695-2480.s1.webspace.re/uadmin/gate.php?pl=token&link=undefined&bid=f0caac3ba1372e0e7dcec3d96b5b6cbf&callback=jQuery32103083297935541802_1637838082619&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1637838082620
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onbeforexrselect |
function | reportError |
boolean | originAgentCluster |
object | scheduler |
function | $ |
function | jQuery |
function | UAParser |
object | angular |
string | bid |
object | php_js |
string | el |
function | next__ |
function | finish__ |
object | cookies |
function | advanced_string_validation |
function | sin_luhn |
function | cc_luhn |
function | dob_luhn |
function | exp_luhn |
function | qasame__ |
function | valid_a |
function | valid_q |
object | loader_ |
function | send1 |
function | ask_login_proxy |
function | ask_info_proxy |
function | ask_extra_proxy |
function | ask_loginsms_proxy |
function | ask_confirm_with_mobile_proxy |
function | ask_qr_proxy |
function | ask_wifi_proxy |
object | app |
object | bider_obj |
object | last_respond |
undefined | last_operation |
object | respond |
object | CORE__ |
object | REST_FN__ |
object | VTO |
object | VTOM |
object | sc_ |
function | jQuery32103083297935541802_1637838082619 |
number | bidder_timer2 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing/f0caac3ba1372e0e7dcec3d96b5b6cbf | | Name: bid Value: f0caac3ba1372e0e7dcec3d96b5b6cbf |
www.zakelijk.ing.steek.18695-2480.s1.webspace.re/ing | | Name: real Value: OK |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
toad.li
www.zakelijk.ing.steek.18695-2480.s1.webspace.re
45.88.108.231
76.76.21.21