ing.nepgroup-webinars.com Open in urlscan Pro
138.68.122.189  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ing.nepgroup-webinars.com/watch/l5OQShSDGts/	31 KB 13 KB	144ms 66ms	Document text/html	138.68.122.189 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ing.nepgroup-webinars.com/watch/l5OQShSDGts/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.68.122.189 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 9a1cc94340f3541161053086e6a37351d1645d25ccf299b380a91165404d62ba Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Response headers Server nginx Date Thu, 04 Nov 2021 10:42:32 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Download-Options noopen X-Permitted-Cross-Domain-Policies none Referrer-Policy strict-origin-when-cross-origin Access-Control-Allow-Origin * Access-Control-Allow-Methods POST, GET, OPTIONS Access-Control-Allow-Headers X-Requested-With, X-Prototype-Version Access-Control-Max-Age 1728000 ETag W/"9a1cc94340f3541161053086e6a37351" Cache-Control max-age=0, private, must-revalidate X-Request-Id 1d922ee2-c5e9-41df-907d-260632f4ce4f X-Runtime 0.032610 Strict-Transport-Security max-age=15780000 Content-Encoding gzip
GET H2	200	application-6c3170ae3a69403586d01d1608a94e34a92e6e3d883245274e2c03c677d9a260.css assets-cdn.webinargeek.com/assets/	426 KB 104 KB	113ms 28ms	Stylesheet text/css	2600:9000:2156:ae00:18:260f:14c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-cdn.webinargeek.com/assets/application-6c3170ae3a69403586d01d1608a94e34a92e6e3d883245274e2c03c677d9a260.css Requested by Host: ing.nepgroup-webinars.com URL: https://ing.nepgroup-webinars.com/watch/l5OQShSDGts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:ae00:18:260f:14c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e812074779ce471c86c4887096db49d9eaa8fef5283a33a946bda7db172fed8a Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://ing.nepgroup-webinars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 22 Oct 2021 20:05:10 GMT content-encoding gzip server nginx age 1089442 x-cache Hit from cloudfront content-type text/css access-control-allow-origin * cache-control max-age=315360000, public x-amz-cf-pop FRA50-C1 content-length 105632 via 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront) x-amz-cf-id R-d6C7bw5ldcRGczGvXjbebu-j2HKbkLioyJKSoeQx1XyKdwsMOu3w== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	web_default-40178b235927bdeeacb5e9102c3f394c6b74c132d1a65b65bcc9ddb5a5aec393.css assets-cdn.webinargeek.com/assets/templates/	20 KB 4 KB	140ms 55ms	Stylesheet text/css	2600:9000:2156:ae00:18:260f:14c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-cdn.webinargeek.com/assets/templates/web_default-40178b235927bdeeacb5e9102c3f394c6b74c132d1a65b65bcc9ddb5a5aec393.css Requested by Host: ing.nepgroup-webinars.com URL: https://ing.nepgroup-webinars.com/watch/l5OQShSDGts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:ae00:18:260f:14c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 40178b235927bdeeacb5e9102c3f394c6b74c132d1a65b65bcc9ddb5a5aec393 Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://ing.nepgroup-webinars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 02 Oct 2021 20:03:12 GMT content-encoding gzip server nginx age 2817560 x-cache Hit from cloudfront content-type text/css access-control-allow-origin * cache-control max-age=315360000, public x-amz-cf-pop FRA50-C1 content-length 3377 via 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront) x-amz-cf-id k2rogxwHgoWkf1d6ya-2PqkY5jf-yPDHnCUibOoTxkTsq88CwXfj0A== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	ingme_fonts.css webcasting.nepworldwide.nl/webinargeek/ing_fonts/	332 B 601 B	221ms 22ms	Stylesheet text/css	2a06:5dc0:3::100 DENIT-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://webcasting.nepworldwide.nl/webinargeek/ing_fonts/ingme_fonts.css?family=INGMeWeb-Regular&display=swap Requested by Host: ing.nepgroup-webinars.com URL: https://ing.nepgroup-webinars.com/watch/l5OQShSDGts/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a06:5dc0:3::100 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL), Reverse DNS Software Apache / Resource Hash 2d736bed1b54639e08513497e8bf68cad33ce9cedf84b55b89195123051b3eb2 Request headers Accept-Language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 04 Nov 2021 10:42:32 GMT Last-Modified Wed, 08 Apr 2020 10:26:04 GMT Server Apache ETag "14c-5a2c4ed739601" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=200 Content-Length 332
GET H2	200	application-3bbd3811c7af9c8e60cbd61864c07da7cf0f6e94a5b6710b9a9cfdfe34274d50.js Show response assets-cdn.webinargeek.com/assets/	2 MB 276 KB	141ms 57ms	Script application/javascript	2600:9000:2156:ae00:18:260f:14c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-cdn.webinargeek.com/assets/application-3bbd3811c7af9c8e60cbd61864c07da7cf0f6e94a5b6710b9a9cfdfe34274d50.js Requested by Host: ing.nepgroup-webinars.com URL: https://ing.nepgroup-webinars.com/watch/l5OQShSDGts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:ae00:18:260f:14c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3bbd3811c7af9c8e60cbd61864c07da7cf0f6e94a5b6710b9a9cfdfe34274d50 Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://ing.nepgroup-webinars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 02 Oct 2021 20:03:14 GMT content-encoding gzip server nginx age 2817558 x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=315360000, public x-amz-cf-pop FRA50-C1 content-length 282174 via 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront) x-amz-cf-id nEKucVXAEG-tw7uM70b83yCKuW9li97uPjEsHMkb16UFEaCWUOflTQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ec1dff81-fe22-445f-bda4-e8cad26f9a2e.png static.webinargeek.com/uploads/account/logo/2092/	25 KB 25 KB	121ms 45ms	Image image/png	2600:9000:2156:8400:18:dcb9:3e00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.webinargeek.com/uploads/account/logo/2092/ec1dff81-fe22-445f-bda4-e8cad26f9a2e.png Requested by Host: ing.nepgroup-webinars.com URL: https://ing.nepgroup-webinars.com/watch/l5OQShSDGts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:8400:18:dcb9:3e00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bc7d4c48293da99bb3c2b4ea7a7e66e0ad37951babbe1fccc2afbb9ea0af2af1 Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://ing.nepgroup-webinars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 10:42:33 GMT via 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront) last-modified Mon, 18 Nov 2019 14:57:51 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "514d3cded9cf584114057f8facfd8a7c" x-cache RefreshHit from cloudfront content-type image/png accept-ranges bytes content-length 25501 x-amz-cf-id nwqy4Wp0DZn6jMY1t_tT7hdFPY0Jc_d-GEWkHSyxHwSjjmV-XsK1Hw==
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	74ms 22ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: ing.nepgroup-webinars.com URL: https://ing.nepgroup-webinars.com/watch/l5OQShSDGts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://ing.nepgroup-webinars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 26 Oct 2021 23:24:02 GMT server Golfe2 age 2486 date Thu, 04 Nov 2021 10:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Thu, 04 Nov 2021 12:01:06 GMT
GET H/1.1	200 OK	INGMeWeb-Regular.woff webcasting.nepworldwide.nl/webinargeek/ing_fonts/assets/fonts/	36 KB 37 KB	90ms 22ms	Font application/font-woff	2a06:5dc0:3::100 DENIT-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://webcasting.nepworldwide.nl/webinargeek/ing_fonts/assets/fonts/INGMeWeb-Regular.woff Requested by Host: webcasting.nepworldwide.nl URL: https://webcasting.nepworldwide.nl/webinargeek/ing_fonts/ingme_fonts.css?family=INGMeWeb-Regular&display=swap Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a06:5dc0:3::100 , Netherlands, ASN25542 (DENIT-AS Amsterdam, NL), Reverse DNS Software Apache / Resource Hash 4a0a7668aaa847d33f49023d0982c6331bc9705cad2586eccb8086a680ef534c Request headers Referer https://webcasting.nepworldwide.nl/webinargeek/ing_fonts/ingme_fonts.css?family=INGMeWeb-Regular&display=swap Origin https://ing.nepgroup-webinars.com Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 04 Nov 2021 10:42:32 GMT Last-Modified Wed, 08 Apr 2020 10:26:04 GMT Server Apache ETag "91e0-5a2c4ed74de24" Access-Control-Allow-Methods GET,PUT,POST,DELETE Content-Type application/font-woff Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers Content-Type, Authorization Content-Length 37344 Keep-Alive timeout=15, max=200
GET H2	200	65677a9a-4121-4f9c-925c-d4937755c763.png static.webinargeek.com/uploads/image/13400396/	10 KB 10 KB	60ms 59ms	Image image/png	2600:9000:2156:8400:18:dcb9:3e00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.webinargeek.com/uploads/image/13400396/65677a9a-4121-4f9c-925c-d4937755c763.png Requested by Host: ing.nepgroup-webinars.com URL: https://ing.nepgroup-webinars.com/watch/l5OQShSDGts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:8400:18:dcb9:3e00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6e3760b51103b29cfab56936d258684a881bd1172b40fe214209a336743ea963 Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://ing.nepgroup-webinars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 10:42:33 GMT via 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront) last-modified Mon, 25 Oct 2021 14:18:51 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "bb84ee595e18b44a1a0f3b63765b92e7" x-cache Miss from cloudfront content-type image/png accept-ranges bytes content-length 9789 x-amz-cf-id voghl9QTw--eFebXsgqcgJZBHJ5CxktC1ttCPUM6Xpk6fIXZ7kdz-w==
GET H2	200	glyphicons-halflings-regular-fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c.woff2 assets-cdn.webinargeek.com/assets/glyphicons/	18 KB 18 KB	77ms 28ms	Font font/woff2	2600:9000:2156:ae00:18:260f:14c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-cdn.webinargeek.com/assets/glyphicons/glyphicons-halflings-regular-fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c.woff2 Requested by Host: assets-cdn.webinargeek.com URL: https://assets-cdn.webinargeek.com/assets/application-6c3170ae3a69403586d01d1608a94e34a92e6e3d883245274e2c03c677d9a260.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:ae00:18:260f:14c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c Request headers Referer https://assets-cdn.webinargeek.com/assets/application-6c3170ae3a69403586d01d1608a94e34a92e6e3d883245274e2c03c677d9a260.css Origin https://ing.nepgroup-webinars.com Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 01 Nov 2021 07:48:24 GMT via 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront) server nginx age 269648 x-cache Hit from cloudfront content-type font/woff2 access-control-allow-origin * cache-control max-age=315360000, public x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 18028 x-amz-cf-id 7X7u5YErfZXbjnlY6iyxwwOKnwSHJDnSueFI-lcKxLBmU6Ydol_RGA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	helveticaltstd-bold-e68ce485ac7fcb4180eae7723ad22756d9521f96c453e9f80abdc3284db87e61.woff assets-cdn.webinargeek.com/assets/helvetica/	24 KB 24 KB	83ms 39ms	Font font/woff	2600:9000:2156:ae00:18:260f:14c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-cdn.webinargeek.com/assets/helvetica/helveticaltstd-bold-e68ce485ac7fcb4180eae7723ad22756d9521f96c453e9f80abdc3284db87e61.woff Requested by Host: assets-cdn.webinargeek.com URL: https://assets-cdn.webinargeek.com/assets/application-6c3170ae3a69403586d01d1608a94e34a92e6e3d883245274e2c03c677d9a260.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:ae00:18:260f:14c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e68ce485ac7fcb4180eae7723ad22756d9521f96c453e9f80abdc3284db87e61 Request headers Referer https://assets-cdn.webinargeek.com/assets/application-6c3170ae3a69403586d01d1608a94e34a92e6e3d883245274e2c03c677d9a260.css Origin https://ing.nepgroup-webinars.com Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 06:07:28 GMT via 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront) server nginx age 621304 x-cache Hit from cloudfront content-type font/woff access-control-allow-origin * cache-control max-age=315360000, public x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 24628 x-amz-cf-id N20io5L0OhLXcGdTjVcI0LNvkh3kiJinuhIQGOORf4DgAWy6VnPu0g== expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 214 B	28ms 28ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1042429239&t=pageview&_s=1&dl=https%3A%2F%2Fing.nepgroup-webinars.com%2Fwatch%2Fl5OQShSDGts%2F&ul=en-us&de=UTF-8&dt=NEP%20Webinars&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=787550194&gjid=1839917306&cid=1335113019.1636022553&tid=UA-109336976-1&_gid=1785805603.1636022553&_r=1&_slc=1&z=1746412166 Requested by Host: ing.nepgroup-webinars.com URL: https://ing.nepgroup-webinars.com/watch/l5OQShSDGts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ing.nepgroup-webinars.com/ Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 04 Nov 2021 10:42:32 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ing.nepgroup-webinars.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	nr-1211.min.js Show response js-agent.newrelic.com/	33 KB 13 KB	53ms 14ms	Script application/javascript	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1211.min.js Requested by Host: ing.nepgroup-webinars.com URL: https://ing.nepgroup-webinars.com/watch/l5OQShSDGts/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://ing.nepgroup-webinars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-amz-version-id yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R content-encoding gzip etag "3ad2268e635f4d033b0062f582c5b85a" x-amz-request-id C3MF3XSPDYWK8WX2 x-cache HIT cross-origin-resource-policy cross-origin content-length 12477 x-amz-id-2 LEufrzmijWXR0pYvgA+T6YlHHP10h69/q0yPTEL7hJcH5oDLRYYMArX1mOwQ0wM43GUL0QswePY= x-served-by cache-ams21070-AMS last-modified Mon, 27 Sep 2021 20:46:50 GMT server AmazonS3 x-timer S1636022553.679755,VS0,VE0 date Thu, 04 Nov 2021 10:42:32 GMT vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 16424
GET H/1.1	200 OK	8cec02d0d5 Show response bam-cell.nr-data.net/1/	49 B 715 B	455ms 420ms	Script text/javascript	162.247.243.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/1/8cec02d0d5?a=80832309&v=1211.ba193a8&to=d1cKQhYNXV1XQkkSBFZRClcWTUZQRlMO&rst=612&ck=1&ref=https://ing.nepgroup-webinars.com/watch/l5OQShSDGts/&qt=1&ap=32&be=167&fe=548&dc=470&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1636022552085,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:24,%22c%22:24,%22s%22:36,%22ce%22:79,%22rq%22:79,%22rp%22:145,%22rpe%22:146,%22dl%22:148,%22di%22:470,%22ds%22:470,%22de%22:476,%22dc%22:548,%22l%22:548,%22le%22:550%7D,%22navigation%22:%7B%7D%7D&fp=472&fcp=472&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1211.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://ing.nepgroup-webinars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 04 Nov 2021 10:42:33 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin Connection keep-alive access-control-allow-credentials true CF-Ray 6a8d3c7aaca5fa44-AMS

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| NREUM object| newrelic function| __nr_require string| GoogleAnalyticsObject function| ga object| I18n function| rgb2hex function| shadeColor function| storageAvailable function| tableSorterOptions function| colorSurveyFormBars boolean| pp_alreadyInitialized object| defaultInteractionsCkEditorOptions object| minmumCkEditorOptions object| minmumCkEditorBase object| bareCkEditorBase function| reCaptchaConfirmed boolean| iOS boolean| MOBILE boolean| mobileDevice boolean| shiftKeyPressed function| $ function| jQuery object| jQuery112407863577541397593 function| Class function| JQClass function| IsDuplicate object| jstz function| createCalendar object| ParsleyConfig object| Validator object| ParsleyUI object| ParsleyExtend function| psly function| Parsley object| ParsleyUtils object| ParsleyValidator function| moment object| Account object| Modal string| CKEDITOR_BASEPATH object| ActivateColorPicker object| ImageUpload object| RegistrationPage object| Select2 object| Timezone function| round function| preventSubmitOnEnter function| svTabs function| shouldAutoScroll function| scrollPerfectToBottom function| tryTimes function| sortByContent function| toHHMMSS function| activateToolTips function| geekRadioGroups function| textIsOverflown function| decreaseFontSizeBasedOnElement function| webinarCountdown boolean| doresize object| scroll_pos boolean| hashtag object| google_tag_data object| gaplugins object| gaGlobal object| gaData

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nepgroup-webinars.com/	1969-12-31 23:59:59	Name: webinargeek Value: SmFuL2daNWR6MTRWUVYvZzFyRGxSRk04QjFmbkorZFNwQ0p1WStpSWx5bmZ6QTc2VFFjVXFSRXNjOTNpY3pHaCtnMVlxWDFiSDVnUyt4YUdtaExPZHJ3Y2dLTzl2VjMvOGpqS2dDdldzMEpuYWhJNzNkZ01iLzVWT0NQNWNZNEtzZlN6azFJbVNUenRkK2VZVXkyVzJBPT0tLXBBcm42L2VKbGtoZ2tTa3VZWVpUNnc9PQ%3D%3D--6a9ad928351a7e9abf79802612b5bcd157f5db4d
			.nepgroup-webinars.com/	1970-01-20 15:58:14	Name: _ga Value: GA1.2.1335113019.1636022553
			.nepgroup-webinars.com/	1970-01-19 22:28:28	Name: _gid Value: GA1.2.1785805603.1636022553
			.nepgroup-webinars.com/	1970-01-19 22:27:02	Name: _gat Value: 1
			.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9d58c86b2abfc49c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-cdn.webinargeek.com
bam-cell.nr-data.net
ing.nepgroup-webinars.com
js-agent.newrelic.com
static.webinargeek.com
webcasting.nepworldwide.nl
www.google-analytics.com
138.68.122.189
151.101.66.137
162.247.243.147
2600:9000:2156:8400:18:dcb9:3e00:93a1
2600:9000:2156:ae00:18:260f:14c0:93a1
2a00:1450:4001:828::200e
2a06:5dc0:3::100
2d736bed1b54639e08513497e8bf68cad33ce9cedf84b55b89195123051b3eb2
3bbd3811c7af9c8e60cbd61864c07da7cf0f6e94a5b6710b9a9cfdfe34274d50
40178b235927bdeeacb5e9102c3f394c6b74c132d1a65b65bcc9ddb5a5aec393
4a0a7668aaa847d33f49023d0982c6331bc9705cad2586eccb8086a680ef534c
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b
6e3760b51103b29cfab56936d258684a881bd1172b40fe214209a336743ea963
9a1cc94340f3541161053086e6a37351d1645d25ccf299b380a91165404d62ba
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
bc7d4c48293da99bb3c2b4ea7a7e66e0ad37951babbe1fccc2afbb9ea0af2af1
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e68ce485ac7fcb4180eae7723ad22756d9521f96c453e9f80abdc3284db87e61
e812074779ce471c86c4887096db49d9eaa8fef5283a33a946bda7db172fed8a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c