ingwholesalebanking.fr
51.144.187.226
Malicious Activity!
Public Scan
Submission Tags: @jcybersec_
Submission: On June 02 via api from GB
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on May 1st 2020. Valid for: a year.
This is the only time ingwholesalebanking.fr was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
18 | 51.144.187.226 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2a00:1450:4001:801::2008 | 15169 (GOOGLE) |
10 | 2a00:1450:4001:81b::200e | 15169 (GOOGLE) |
2 | 84.53.185.177 | 20940 (AKAMAI-ASN1) |
1 | 185.54.150.22 | 60164 (WEBTREKK-AS) |
1 | 185.54.150.20 | 60164 (WEBTREKK-AS) |
1 | 185.54.150.123 | 60164 (WEBTREKK-AS) |
34 | 7 | |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ingwholesalebanking.fr
ASN15169 (GOOGLE, US)
www.googletagmanager.com
ASN15169 (GOOGLE, US)
www.google-analytics.com
ASN20940 (AKAMAI-ASN1, EU)
PTR: a84-53-185-177.deploy.static.akamaitechnologies.com
www.ingwb.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | ingwholesalebanking.fr | ingwholesalebanking.fr | 309 KB |
10 | google-analytics.com | www.google-analytics.com | 46 KB |
2 | ingwb.com | www.ingwb.com | 190 KB |
1 | wcfbc.net | fbc.wcfbc.net | 752 B |
1 | wt-eu02.net | ing-wb01.wt-eu02.net | |
1 | wt-safetag.com | responder.wt-safetag.com | 353 B |
1 | googletagmanager.com | www.googletagmanager.com | 75 KB |
34 | 7 | | |
Requests | Domain | Requested by |
---|---|---|
18 | ingwholesalebanking.fr | ingwholesalebanking.fr |
10 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com, ingwholesalebanking.fr |
2 | www.ingwb.com | ingwholesalebanking.fr |
1 | fbc.wcfbc.net | |
1 | ing-wb01.wt-eu02.net | |
1 | responder.wt-safetag.com | ingwholesalebanking.fr |
1 | www.googletagmanager.com | ingwholesalebanking.fr |
34 | 7 | |
This site contains links to these domains. Also see Links.
Domain |
---|
esipub.esi-sa.com |
www.google.com |
www.ing.fr |
www.ingcb.com |
www.ingwb.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
ingwb.com | Entrust Certification Authority - L1M | 2020-05-01 - 2021-04-30 | a year |
*.google-analytics.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
*.wt-safetag.com | Go Daddy Secure Certificate Authority - G2 | 2018-09-04 - 2020-09-04 | 2 years |
*.wt-eu02.net | Go Daddy Secure Certificate Authority - G2 | 2018-01-08 - 2021-01-08 | 3 years |
fbc.wcfbc.net | Go Daddy Secure Certificate Authority - G2 | 2018-01-11 - 2021-01-11 | 3 years |
This page contains 1 frames:
Primary Page:
https://ingwholesalebanking.fr/fr/home
Frame ID: D6A49CAD942676570995E8F3AF8FCAB7
Requests: 34 HTTP requests in this frame
Detected technologies
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Plan
Title: site d’ING en France
Title: Page France du site ING WB Groupe
Title: www.ingwb.com
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | home (Primary Request, Cookie set) | ingwholesalebanking.fr/fr/ | 20 KB | 6 KB | Document | text/html |
GET | H/1.1 | fonts-regular-1.52.0.82.min.css | ingwholesalebanking.fr/Static/Stylesheets/fonts-regular/ | 1 KB | 804 B | Stylesheet | text/css |
GET | H/1.1 | ingcb-1.52.0.82.min.css | ingwholesalebanking.fr/Static/Stylesheets/ingcb/ | 112 KB | 29 KB | Stylesheet | text/css |
GET | H/1.1 | polyfills.js | ingwholesalebanking.fr/Static/Javascript/header/ | 9 KB | 5 KB | Script | application/x-javascript |
GET | H/1.1 | header-1.52.0.82.min.js | ingwholesalebanking.fr/Static/Javascript/ | 15 KB | 8 KB | Script | application/x-javascript |
GET | H/1.1 | FR.png | ingwholesalebanking.fr/static/images/flags/ | 101 B | 421 B | Image | image/png |
GET | H/1.1 | espace-client.png | ingwholesalebanking.fr/media/464464/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | footer-1.52.0.82.min.js | ingwholesalebanking.fr/Static/Javascript/ | 244 KB | 98 KB | Script | application/x-javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 294 KB | 75 KB | Script | application/javascript |
GET | H/1.1 | INGMeWeb-Regular.woff | ingwholesalebanking.fr/Static/Fonts/INGMe/ | 36 KB | 37 KB | Font | application/font-woff |
GET | H/1.1 | logo.svg | ingwholesalebanking.fr/Static/Images/ | 17 KB | 17 KB | Image | image/svg+xml |
GET | H/1.1 | INGMeWeb-Bold.woff | ingwholesalebanking.fr/Static/Fonts/INGMe/ | 37 KB | 38 KB | Font | application/font-woff |
GET | H/1.1 | home-car-left.gif | ingwholesalebanking.fr/Static/Images/ | 453 B | 773 B | Image | image/gif |
GET | H/1.1 | home-car-right.gif | ingwholesalebanking.fr/Static/Images/ | 453 B | 773 B | Image | image/gif |
GET | H/1.1 | overlay-bg.png | ingwholesalebanking.fr/Static/Images/ | 98 B | 417 B | Image | image/png |
GET | H/1.1 | office.png | ingwholesalebanking.fr/Static/Images/ | 878 B | 1 KB | Image | image/png |
GET | H/1.1 | icons.png | ingwholesalebanking.fr/Static/Images/ | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | ing-icons-v4-5.woff | ingwholesalebanking.fr/Static/Fonts/ | 62 KB | 62 KB | Font | application/font-woff |
GET | H2 | analytics.js | www.google-analytics.com/ | 45 KB | 18 KB | Script | text/javascript |
GET | H2 | js | www.google-analytics.com/gtm/ | 66 KB | 26 KB | Script | application/javascript |
GET | H2 | linkid.js | www.google-analytics.com/plugins/ua/ | 2 KB | 995 B | Script | text/javascript |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 192 B | Image | image/gif |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 121 B | Image | image/gif |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 90 B | Image | image/gif |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 90 B | Image | image/gif |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 96 B | Image | image/gif |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 90 B | Image | image/gif |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 90 B | Image | image/gif |
GET | H/1.1 | cookies | ingwholesalebanking.fr/ | 799 B | 884 B | XHR | text/html |
GET | H/1.1 | ImageGen.ashx | www.ingwb.com/ | 108 KB | 109 KB | Image | image/jpeg |
GET | H/1.1 | ImageGen.ashx | www.ingwb.com/ | 81 KB | 82 KB | Image | image/jpeg |
GET | H/1.1 | 111111111111111 | responder.wt-safetag.com/resp/api/get/ | 12 B | 353 B | Script | application/x-javascript |
GET | H/1.1 | wt | ing-wb01.wt-eu02.net/Unknown%20ING%20WB%20site/ | 0 | 0 | Image | text/html |
GET | H/1.1 | fbc | fbc.wcfbc.net/v1/ | 84 B | 752 B | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dataLayer object| html5 object| Modernizr object| homeCarouselImages object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_optimize function| FastClick object| INGCB function| $ function| jQuery object| jQuery1124008973728184726837 number| len object| webtrekkConfig object| wts object| wt_safetagConfig object| webtrekkUnloadObjects object| webtrekkLinktrackObjects object| webtrekkHeatmapObjects function| WebtrekkV3 function| webtrekkV3 function| safetagLoaderHandler object| pageconfig object| wt number| wt_r4
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.ingwholesalebanking.fr/ | | _gat_UA-47331806-2 | 1 |
.ingwholesalebanking.fr/ | | _gid | GA1.2.1027719978.1591096604 |
.ingwholesalebanking.fr/ | | _ga | GA1.2.1261484883.1591096604 |
ingwholesalebanking.fr/ | | ASP.NET_SessionId | src5yrpt1xql2o1kzedytvlw |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.