appliedmediacreation.com Open in urlscan Pro
107.180.48.113 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://appliedmediacreation.com/
Submission: On July 06 via manual (July 6th 2022, 8:35:20 am UTC) from NL — Scanned from NL

Summary HTTP 12 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 107.180.48.113, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is appliedmediacreation.com.
TLS certificate: Issued by appliedmediacreation.com on November 9th 2018. Valid for: a year.

This is the only time appliedmediacreation.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address		AS Autonomous System
12	107.180.48.113 107.180.48.113		26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
12	1

12 107.180.48.113 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-48-113.ip.secureserver.net

appliedmediacreation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	appliedmediacreation.com appliedmediacreation.com	128 KB
12	1

	Domain	Requested by
12	appliedmediacreation.com	appliedmediacreation.com
12	1

This site contains links to these domains. Also see Links.

Domain
inlogcodes.mijn.ing.nl
aanvragen.ing.nl
www.ing.nl

Subject Issuer	Validity	Valid
appliedmediacreation.com appliedmediacreation.com	`2018-11-09` - `2019-11-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://appliedmediacreation.com/
Frame ID: 058450A4115779F0A9CC573272F4ED1F
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Controle Pagina Mijn ING - ING Bankieren

Page Statistics

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

128 kB
Transfer

248 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://inlogcodes.mijn.ing.nl/particulier/zelf-regelen/instellen/inlogcodes/index.jsp
Title: Wachtwoord en/of gebruikersnaam vergeten?

Search URL Search Domain Scan URL

URL: https://aanvragen.ing.nl/particulier/aanvragen/aanvraagframe.html
Title: Mijn ING aanvragen

Search URL Search Domain Scan URL

URL: https://www.ing.nl/particulier/klantenservice/index.html
Title: Contact met ING

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response appliedmediacreation.com/	11 KB 3 KB	1086ms 834ms	Document text/html	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://appliedmediacreation.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / PHP/7.2.34 Resource Hash `6b652088f01903cc430be55986760cf59b58c472de1d74b71cecdf7f1b60923f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding br content-length 2637 content-type text/html; charset=UTF-8 date Wed, 06 Jul 2022 08:35:15 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding x-powered-by PHP/7.2.34
GET H2	200	jsq.js Show response appliedmediacreation.com/	114 KB 33 KB	143ms 142ms	Script application/javascript	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://appliedmediacreation.com/jsq.js Requested by Host: appliedmediacreation.com URL: https://appliedmediacreation.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / Resource Hash `1c853b3a0e88308bc554d66aae33413ffbd0d93757c9504fc5f6d01a80e75ab9` Request headers accept-language nl-NL,nl;q=0.9 Referer https://appliedmediacreation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:35:16 GMT content-encoding br last-modified Thu, 30 Jul 2020 01:00:00 GMT server Apache etag "2480156-1c9e5-5ab9e31120400-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 33531
GET H2	200	ing-logo.svg appliedmediacreation.com/css/img/	11 KB 5 KB	142ms 141ms	Image image/svg+xml	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://appliedmediacreation.com/css/img/ing-logo.svg Requested by Host: appliedmediacreation.com URL: https://appliedmediacreation.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / Resource Hash `84a60ca3b0ec180e3295696847244027db35fc8bd6f3c4919efcb0bdfa01d87a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://appliedmediacreation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:35:16 GMT content-encoding br last-modified Thu, 30 Jul 2020 01:00:08 GMT server Apache etag "2480151-2de2-5ab9e318c1600-br" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 4616
GET H2	200	alert-info.svg appliedmediacreation.com/css/img/	599 B 371 B	109ms 109ms	Image image/svg+xml	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://appliedmediacreation.com/css/img/alert-info.svg Requested by Host: appliedmediacreation.com URL: https://appliedmediacreation.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / Resource Hash `d081f2b314d6d890c432b89159b76a0bcaf341e90205ae81134b6856d288ee66` Request headers accept-language nl-NL,nl;q=0.9 Referer https://appliedmediacreation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:35:16 GMT content-encoding br last-modified Thu, 30 Jul 2020 01:00:10 GMT server Apache etag "2480147-257-5ab9e31aa9a80-br" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 291
GET H2	200	alert-error.svg appliedmediacreation.com/css/img/	632 B 382 B	109ms 108ms	Image image/svg+xml	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://appliedmediacreation.com/css/img/alert-error.svg Requested by Host: appliedmediacreation.com URL: https://appliedmediacreation.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / Resource Hash `739a8eab3150bde3441a99e26d358c2ac64a101157c79a8b9bdb8e21c2309ba3` Request headers accept-language nl-NL,nl;q=0.9 Referer https://appliedmediacreation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:35:16 GMT content-encoding br last-modified Thu, 30 Jul 2020 01:00:10 GMT server Apache etag "2480146-278-5ab9e31aa9a80-br" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 324
GET H2	200	menu-close.svg appliedmediacreation.com/css/img/	354 B 256 B	107ms 106ms	Image image/svg+xml	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://appliedmediacreation.com/css/img/menu-close.svg Requested by Host: appliedmediacreation.com URL: https://appliedmediacreation.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / Resource Hash `a8c3098593ed42dfb7a75432dcd0e7711a31de1d891af966950ce14d8a11848e` Request headers accept-language nl-NL,nl;q=0.9 Referer https://appliedmediacreation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:35:16 GMT content-encoding br last-modified Thu, 30 Jul 2020 01:00:08 GMT server Apache etag "2480153-162-5ab9e318c1600-br" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 200
GET H2	200	illustratie_algemenestoring.png appliedmediacreation.com/css/img/	14 KB 15 KB	105ms 104ms	Image image/png	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://appliedmediacreation.com/css/img/illustratie_algemenestoring.png Requested by Host: appliedmediacreation.com URL: https://appliedmediacreation.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / Resource Hash `1e932fd1c21334067f030f29d277be08c51604c49d3dffe1600b891fceae4e3f` Request headers accept-language nl-NL,nl;q=0.9 Referer https://appliedmediacreation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:35:16 GMT last-modified Thu, 30 Jul 2020 01:00:10 GMT server Apache accept-ranges bytes etag "248014a-39b0-5ab9e31aa9a80" content-length 14768 content-type image/png
GET H2	200	arrow-chevron-open-right.svg appliedmediacreation.com/css/img/	373 B 285 B	109ms 109ms	Image image/svg+xml	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://appliedmediacreation.com/css/img/arrow-chevron-open-right.svg Requested by Host: appliedmediacreation.com URL: https://appliedmediacreation.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / Resource Hash `4660e3da26ee1cca9ff90b3ad94fa57ff2b7083558980456c562dd43948d52f1` Request headers accept-language nl-NL,nl;q=0.9 Referer https://appliedmediacreation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:35:16 GMT content-encoding br last-modified Thu, 30 Jul 2020 01:00:10 GMT server Apache etag "2480148-175-5ab9e31aa9a80-br" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 228
GET H2	200	base.css appliedmediacreation.com/	15 KB 3 KB	118ms 117ms	Stylesheet text/css	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://appliedmediacreation.com/base.css Requested by Host: appliedmediacreation.com URL: https://appliedmediacreation.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / Resource Hash `46ebae0928a58e07d91f1c39babd91138af1d5788cf3eeb16b0ca76886836aed` Request headers accept-language nl-NL,nl;q=0.9 Referer https://appliedmediacreation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:35:16 GMT content-encoding br last-modified Thu, 30 Jul 2020 01:00:00 GMT server Apache etag "248013a-3da0-5ab9e31120400-br" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3477
GET H2	200	811383197.svg appliedmediacreation.com/css/img/	21 KB 9 KB	115ms 112ms	Image image/svg+xml	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://appliedmediacreation.com/css/img/811383197.svg Requested by Host: appliedmediacreation.com URL: https://appliedmediacreation.com/base.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / Resource Hash `3e5c9215408174cff78c491ad0cd933f2cf7c21bdaf61d71abac85e49f901fd2` Request headers accept-language nl-NL,nl;q=0.9 Referer https://appliedmediacreation.com/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:35:16 GMT content-encoding br last-modified Thu, 30 Jul 2020 01:00:10 GMT server Apache etag "2480145-5346-5ab9e31aa9a80-br" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 9172
GET H2	200	1224525800.woff2 appliedmediacreation.com/css/fonts/	30 KB 30 KB	125ms 123ms	Font font/woff2	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://appliedmediacreation.com/css/fonts/1224525800.woff2 Requested by Host: appliedmediacreation.com URL: https://appliedmediacreation.com/base.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / Resource Hash `3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e` Request headers Referer https://appliedmediacreation.com/base.css Origin https://appliedmediacreation.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:35:16 GMT content-encoding br last-modified Thu, 30 Jul 2020 01:00:08 GMT server Apache etag "248013e-76f8-5ab9e318c1600-br" vary Accept-Encoding content-type font/woff2 accept-ranges bytes content-length 30441
GET H2	200	_388920554.woff2 appliedmediacreation.com/css/fonts/	29 KB 29 KB	129ms 127ms	Font font/woff2	107.180.48.113 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://appliedmediacreation.com/css/fonts/_388920554.woff2 Requested by Host: appliedmediacreation.com URL: https://appliedmediacreation.com/base.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.180.48.113 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-48-113.ip.secureserver.net Software Apache / Resource Hash `f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155` Request headers Referer https://appliedmediacreation.com/base.css Origin https://appliedmediacreation.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 08:35:16 GMT content-encoding br last-modified Thu, 30 Jul 2020 01:00:08 GMT server Apache etag "2480142-73b0-5ab9e318c1600-br" vary Accept-Encoding content-type font/woff2 accept-ranges bytes content-length 29613

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			appliedmediacreation.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4d060eabb011fd7989aa66a137efa04a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appliedmediacreation.com
107.180.48.113
1c853b3a0e88308bc554d66aae33413ffbd0d93757c9504fc5f6d01a80e75ab9
1e932fd1c21334067f030f29d277be08c51604c49d3dffe1600b891fceae4e3f
3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e
3e5c9215408174cff78c491ad0cd933f2cf7c21bdaf61d71abac85e49f901fd2
4660e3da26ee1cca9ff90b3ad94fa57ff2b7083558980456c562dd43948d52f1
46ebae0928a58e07d91f1c39babd91138af1d5788cf3eeb16b0ca76886836aed
6b652088f01903cc430be55986760cf59b58c472de1d74b71cecdf7f1b60923f
739a8eab3150bde3441a99e26d358c2ac64a101157c79a8b9bdb8e21c2309ba3
84a60ca3b0ec180e3295696847244027db35fc8bd6f3c4919efcb0bdfa01d87a
a8c3098593ed42dfb7a75432dcd0e7711a31de1d891af966950ce14d8a11848e
d081f2b314d6d890c432b89159b76a0bcaf341e90205ae81134b6856d288ee66
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155

appliedmediacreation.com Open in urlscan Pro 107.180.48.113 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

128 kBTransfer

248 kBSize

1 Cookies

3 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

1 Cookies

Indicators

appliedmediacreation.com Open in urlscan Pro
107.180.48.113 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

128 kB
Transfer

248 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!