goto.otopplace.com
Open in
urlscan Pro
192.185.48.129
Malicious Activity!
Public Scan
Submission: On February 04 via api from US — Scanned from US
Summary
This is the only time goto.otopplace.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 192.185.48.129 192.185.48.129 | 19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING) | |
1 | 2 |
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: gator4123.hostgator.com
goto.otopplace.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
1 |
otopplace.com
goto.otopplace.com |
183 KB |
1 | 1 |
Domain | Requested by | |
---|---|---|
1 | goto.otopplace.com | |
1 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
loudljfffr5487d5fegtedg-bc5e7d.ingress-bonde.ewp.live |
www.ing.de |
access.ing.de |
www.youtube.com |
www.ing.jobs |
www.ingwb.de |
produkte.banking.ing.de |
www.facebook.com |
www.instagram.com |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://goto.otopplace.com/DE/ING/Anmelden-mit-Zugangsdaten/3620e/
Frame ID: 6F7256CC215A3D4AD15F50A1AE188379
Requests: 7 HTTP requests in this frame
20 Outgoing links
These are links going to different origins than the main page.
Title: Zur Navigation
Search URL Search Domain Scan URL
Title: Zum Inhalt
Search URL Search Domain Scan URL
Title: ING DiBa
Search URL Search Domain Scan URL
Title: Neu bei uns? Jetzt Internetbanking PIN erstellen
Search URL Search Domain Scan URL
Title: Zugangsdaten vergessen?
Search URL Search Domain Scan URL
Title: So funktioniert der QR Log-in
Search URL Search Domain Scan URL
Title: QR Log-in Video-Anleitung
Search URL Search Domain Scan URL
Title: Anmelden mit QR Log-in
Search URL Search Domain Scan URL
Title: Artikel
Search URL Search Domain Scan URL
Title: hier
Search URL Search Domain Scan URL
Title: Karriere
Search URL Search Domain Scan URL
Title: Vertriebspartner
Search URL Search Domain Scan URL
Title: Wholesale Banking
Search URL Search Domain Scan URL
Title: Kontaktformular
Search URL Search Domain Scan URL
Title: AGB
Search URL Search Domain Scan URL
Title: Datenschutz
Search URL Search Domain Scan URL
Title: Impressum
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
1 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
goto.otopplace.com/DE/ING/Anmelden-mit-Zugangsdaten/3620e/ |
307 KB 183 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
16 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
30 KB 30 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
29 KB 29 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
32 KB 32 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
44 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontentvisibilityautostatechange0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
goto.otopplace.com
192.185.48.129
1470546a5f8d7a68deb045a9f3be48c3fa818c53c0b4f8c854d6acdec64aa225
305948d72ce8577a386f77079dacdb6841f18668f64cc7865a196a0624e5b5a8
3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e
9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf
f4777b7a3b29aba8928cb11b2eb8977c7a4d215000df814668f9dd49495f56a1
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155
fb6ebe23316c03fd8d25e871bfdd9c41eb77e14115f5a01e3e0d97b94617779e