ofertools.com Open in urlscan Pro
78.46.158.237 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html
Submission: On June 27 via automatic, source openphish (June 27th 2018, 4:58:28 pm UTC)

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 78.46.158.237, located in Germany and belongs to HETZNER-AS, DE. The main domain is ofertools.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 10th 2018. Valid for: 3 months.

This is the only time ofertools.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address		AS Autonomous System
18	78.46.158.237 78.46.158.237		24940 (HETZNER-AS) (HETZNER-AS)
18	1

18 78.46.158.237 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: res2.abtinweb.com

ofertools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ofertools.com ofertools.com	418 KB
18	1

	Domain	Requested by
18	ofertools.com	ofertools.com
18	1

This site contains no links.

Subject Issuer	Validity	Valid
ofertools.com cPanel, Inc. Certification Authority	`2018-05-10` - `2018-08-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html
Frame ID: 823C348D4C12C0530C7F188EFBDDBE05
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

418 kB
Transfer

417 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index2.html Show response ofertools.com/wp-content/languages/plugins/ING_login/9c69a/	13 KB 13 KB	42ms 39ms	Document text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `ef74d06ff8617c719b4a33c74494c27f175accd3157094aeb2a74a8dff8b3a60` Request headers Host ofertools.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 823C348D4C12C0530C7F188EFBDDBE05 Response headers Date Wed, 27 Jun 2018 16:58:13 GMT Server Apache Last-Modified Wed, 27 Jun 2018 13:56:31 GMT Accept-Ranges bytes Content-Length 12932 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	rules.js Show response ofertools.com/wp-content/languages/plugins/ING_login/9c69a/img/	627 B 881 B	181ms 180ms	Script application/javascript	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/img/rules.js Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `06abd98d655f6589a183f05e9e56e5ef93e0e43f9129b785a89a1de8f4fdd594` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:13 GMT Last-Modified Wed, 27 Jun 2018 13:56:31 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 627
GET H/1.1	404 Not Found	Untitled1.css ofertools.com/wp-content/languages/plugins/ING_login/9c69a/	0 0	986ms 982ms	Stylesheet text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/Untitled1.css Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:13 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index.css ofertools.com/wp-content/languages/plugins/ING_login/9c69a/	0 0	994ms 991ms	Stylesheet text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index.css Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:13 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	200 OK	2.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/img/	148 KB 148 KB	22ms 22ms	Image image/png	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/img/2.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `bc63124633d72ed5d1d375c31c0e8abeb559b755ba1dbaf0f45efec62eea325f` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:14 GMT Last-Modified Wed, 27 Jun 2018 13:56:31 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 151810
GET H/1.1	404 Not Found	index_Button1_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	8 KB 8 KB	3331ms 1740ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button1_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `c9b21ad4b83ffa7a75c38543562202a16ea4b5dc51f1c71b1e3495a770e391e3` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:16 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Button12_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	15 KB 15 KB	3295ms 1694ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button12_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `8cd15a7a395fceb07e3b2f0e0f6c75835f8a2bae8a83d42c5708ac8b226ef35d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:16 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Button11_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	8 KB 8 KB	3273ms 1656ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button11_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `c9b21ad4b83ffa7a75c38543562202a16ea4b5dc51f1c71b1e3495a770e391e3` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:16 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Button10_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	23 KB 23 KB	3333ms 1613ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button10_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `d6fb055e293fcb90ac88d1800fc8f3ba3e47079fe78e4d5ef6aa0bbf882130a4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:16 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Button9_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	15 KB 15 KB	4291ms 1021ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button9_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `154ce7badd9bd1e971c128b2e0b950635eead37aec8d5f28a0e193906d2bcd87` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:17 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Button8_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	8 KB 8 KB	1550ms 1542ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button8_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `679c8f24ad1f94e8abb838c582fcfbeaec1eabb99a88d1d530b71c67b4f0fe65` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:14 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Button7_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	62 KB 62 KB	1609ms 1587ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button7_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `0de57e0fcda2690478e8ef7417735280da50a33dae4043dfc98cab9db24a5b27` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:14 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=97 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Button6_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	15 KB 15 KB	1595ms 1587ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button6_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `f7d3b37d0896cc721d5bc9591d47ad817792a2370461b3cd182a36e8b77c8dcb` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:14 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Button5_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	23 KB 23 KB	1713ms 1706ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button5_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `6e0e4974408575be3fb61fc937fe98fed3f55782c3a61f093a3851be8bc89629` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:14 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Button4_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	15 KB 15 KB	3357ms 1804ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button4_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `64bc738f284f99d94ac2e3137552392abfd13a44892aac74bc4e124a725935f9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:16 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Button3_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	15 KB 15 KB	1479ms 1471ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button3_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `a535a0dde0a3a178755a7931a7b0d35ed0a1fae3b6b39e848e56d596baa364a2` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:14 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Button2_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	31 KB 31 KB	3264ms 1778ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Button2_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `48b99671a737bee938c0b96447cfa11ef306e4ceb13fc4a37ece83c263cf4ca4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:16 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	index_Editbox1_bkgrnd.png ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/	16 KB 16 KB	1584ms 1576ms	Image text/html	78.46.158.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/images/index_Editbox1_bkgrnd.png Requested by Host: ofertools.com URL: https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.46.158.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS res2.abtinweb.com Software Apache / Resource Hash `e7ed0e203808c09b66b97a96e5160a2691e3d43216129af2534223310780620e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ofertools.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html Connection keep-alive Cache-Control no-cache Referer https://ofertools.com/wp-content/languages/plugins/ING_login/9c69a/index2.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 27 Jun 2018 16:58:14 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://ofertools.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=100 Expires Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| vide1 function| addCode function| valider

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ofertools.com
78.46.158.237
06abd98d655f6589a183f05e9e56e5ef93e0e43f9129b785a89a1de8f4fdd594
0de57e0fcda2690478e8ef7417735280da50a33dae4043dfc98cab9db24a5b27
154ce7badd9bd1e971c128b2e0b950635eead37aec8d5f28a0e193906d2bcd87
48b99671a737bee938c0b96447cfa11ef306e4ceb13fc4a37ece83c263cf4ca4
64bc738f284f99d94ac2e3137552392abfd13a44892aac74bc4e124a725935f9
679c8f24ad1f94e8abb838c582fcfbeaec1eabb99a88d1d530b71c67b4f0fe65
6e0e4974408575be3fb61fc937fe98fed3f55782c3a61f093a3851be8bc89629
8cd15a7a395fceb07e3b2f0e0f6c75835f8a2bae8a83d42c5708ac8b226ef35d
a535a0dde0a3a178755a7931a7b0d35ed0a1fae3b6b39e848e56d596baa364a2
bc63124633d72ed5d1d375c31c0e8abeb559b755ba1dbaf0f45efec62eea325f
c9b21ad4b83ffa7a75c38543562202a16ea4b5dc51f1c71b1e3495a770e391e3
d6fb055e293fcb90ac88d1800fc8f3ba3e47079fe78e4d5ef6aa0bbf882130a4
e7ed0e203808c09b66b97a96e5160a2691e3d43216129af2534223310780620e
ef74d06ff8617c719b4a33c74494c27f175accd3157094aeb2a74a8dff8b3a60
f7d3b37d0896cc721d5bc9591d47ad817792a2370461b3cd182a36e8b77c8dcb

ofertools.com Open in urlscan Pro 78.46.158.237 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

418 kBTransfer

417 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

ofertools.com Open in urlscan Pro
78.46.158.237 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

418 kB
Transfer

417 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!