ing.betaalservice.me Open in urlscan Pro
199.188.201.16 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ing.betaalservice.me/nl/retail/login
Submission: On May 28 via manual (May 28th 2020, 1:54:27 pm UTC) from NL

Summary HTTP 30 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 30 HTTP transactions. The main IP is 199.188.201.16, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is ing.betaalservice.me.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 28th 2020. Valid for: a year.

This is the only time ing.betaalservice.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address	AS Autonomous System
6 23	199.188.201.16 199.188.201.16	22612 (NAMECHEAP...) (NAMECHEAP-NET)
6	104.108.165.66 104.108.165.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
30	4

23 199.188.201.16 (Los Angeles, United States) 6 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server274-1.web-hosting.com

ing.betaalservice.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.108.165.66 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-165-66.deploy.static.akamaitechnologies.com

www.ing.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	betaalservice.me 6 redirects ing.betaalservice.me	83 KB
6	ing.be www.ing.be
1	jquery.com code.jquery.com	81 KB
30	3

	Domain	Requested by
23	ing.betaalservice.me	6 redirects ing.betaalservice.me code.jquery.com
6	www.ing.be	ing.betaalservice.me
1	code.jquery.com	ing.betaalservice.me
30	3

This site contains links to these domains. Also see Links.

Domain
www.ing.nl
inlogcodes.mijn.ing.nl
aanvragen.ing.nl

Subject Issuer	Validity	Valid
ing.betaalservice.me Sectigo RSA Domain Validation Secure Server CA	`2020-05-28` - `2021-05-28`	a year	crt.sh
www.ing.be Entrust Certification Authority - L1M	`2018-08-21` - `2020-08-19`	2 years	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://ing.betaalservice.me/nl/retail/login
Frame ID: 4E755205337FF5BA4C8558F8DDA1354E
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

30
Requests

80 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

187 kB
Transfer

507 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ing.nl/

Search URL Search Domain Scan URL

URL: https://www.ing.nl/de-ing/internetbankieren/onderhoud-mijn-ing/index.html
Title: Lees verder

Search URL Search Domain Scan URL

URL: https://inlogcodes.mijn.ing.nl/particulier/zelf-regelen/instellen/inlogcodes/index.jsp
Title: Wachtwoord en/of gebruikersnaam vergeten?

Search URL Search Domain Scan URL

URL: https://aanvragen.ing.nl/particulier/aanvragen/aanvraagframe.html
Title: Mijn ING aanvragen

Search URL Search Domain Scan URL

URL: https://www.ing.nl/de-ing/veilig-bankieren/belangrijke-mededelingen/inloggegevens-niet-onthouden.html
Title: Inloggegevens niet meer onthouden, lees hoe

Search URL Search Domain Scan URL

URL: https://www.ing.nl/particulier/klantenservice/index.html
Title: Contact met ING

Search URL Search Domain Scan URL

URL: https://www.ing.nl/veiligbankieren
Title: Veilig bankieren

Search URL Search Domain Scan URL

URL: https://www.ing.nl/privacy-statement
Title: Privacy en cookies

Search URL Search Domain Scan URL

URL: https://www.ing.nl/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://ing.betaalservice.me/nl/retail/Betaal%20met%20Mijn%20ING%20-%20iDEAL%20Inloggen_bestanden/alert-info.svg HTTP 302
https://www.ing.be/404

Request Chain 5

https://ing.betaalservice.me/nl/retail/assets/menu-close.svg HTTP 302
https://www.ing.be/404

Request Chain 6

https://ing.betaalservice.me/nl/retail/Betaal%20met%20Mijn%20ING%20-%20iDEAL%20Inloggen_bestanden/alert-error.svg HTTP 302
https://www.ing.be/404

Request Chain 7

https://ing.betaalservice.me/public/ing/img/alert-error.svg/img/alert-error.svg HTTP 302
https://www.ing.be/404

Request Chain 10

https://ing.betaalservice.me/nl/retail/assets/illustratie_algemenestoring.png HTTP 302
https://www.ing.be/404

Request Chain 12

https://ing.betaalservice.me/public/ing/css/ING_HalfLion_Reversed.svg HTTP 302
https://www.ing.be/404

Request Chain 13

https://ing.betaalservice.me/public/ing/css/fonts/5.woff2 HTTP 302
https://www.ing.be/404

Request Chain 14

https://ing.betaalservice.me/public/ing/css/fonts/1.woff2 HTTP 302
https://www.ing.be/404

Request Chain 16

https://ing.betaalservice.me/public/ing/css/fonts/6.woff HTTP 302
https://www.ing.be/404

Request Chain 17

https://ing.betaalservice.me/public/ing/css/fonts/2.woff HTTP 302
https://www.ing.be/404

Request Chain 18

https://ing.betaalservice.me/public/ing/css/fonts/3.ttf HTTP 302
https://www.ing.be/404

Request Chain 19

https://ing.betaalservice.me/public/ing/css/fonts/7.ttf HTTP 302
https://www.ing.be/404

30 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response ing.betaalservice.me/nl/retail/	17 KB 4 KB	547ms 184ms	Document text/html	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/nl/retail/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / PHP/7.2.31 Resource Hash `8bdc5597facee6e3f376168d4b20c5ca04cb88f66ff5ac1c1f936b6a92240f3d` Request headers :method GET :authority ing.betaalservice.me :scheme https :path /nl/retail/login pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Thu, 28 May 2020 13:54:09 GMT server Apache x-powered-by PHP/7.2.31 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache set-cookie PHPSESSID=27b4d5d1b82ba9da44a60b209bc0cf52; path=/ vary Accept-Encoding content-encoding gzip content-length 3728 content-type text/html; charset=UTF-8
GET H2	200	main.css ing.betaalservice.me/public/ing/css/	15 KB 4 KB	171ms 169ms	Stylesheet text/css	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/public/ing/css/main.css Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / Resource Hash `3341e8fbc2735887ec100c965c510ab15e46cc75ac55cd7efc4e63ff6826ed17` Request headers Referer https://ing.betaalservice.me/nl/retail/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 28 May 2020 13:54:09 GMT content-encoding gzip last-modified Thu, 28 May 2020 12:15:50 GMT server Apache vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 3735
GET H2	200	pwdfnt.css ing.betaalservice.me/public/ing/css/	162 KB 65 KB	335ms 333ms	Stylesheet text/css	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/public/ing/css/pwdfnt.css Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / Resource Hash `c7ddda47b321052e5b083bb6200194f9a0a536999ea15e4348ff56c43176c026` Request headers Referer https://ing.betaalservice.me/nl/retail/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 28 May 2020 13:54:09 GMT content-encoding gzip last-modified Thu, 28 May 2020 12:15:51 GMT server Apache vary Accept-Encoding content-type text/css status 200 accept-ranges bytes
GET H2	200	ing-logo.svg ing.betaalservice.me/public/ing/img/	11 KB 5 KB	175ms 173ms	Image image/svg+xml	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ing.betaalservice.me/public/ing/img/ing-logo.svg Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / Resource Hash `6b80296141a1137a67f4eb559196937efe42c85d54c13d1ecda26736a4beffd5` Request headers Referer https://ing.betaalservice.me/nl/retail/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 28 May 2020 13:54:09 GMT content-encoding gzip last-modified Thu, 28 May 2020 12:15:58 GMT server Apache vary Accept-Encoding content-type image/svg+xml status 200 accept-ranges bytes content-length 4606
GET H2	200	logo-ideal.svg ing.betaalservice.me/public/ing/img/	3 KB 1 KB	174ms 172ms	Image image/svg+xml	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ing.betaalservice.me/public/ing/img/logo-ideal.svg Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / Resource Hash `532de4f1bbf77ff1445ab24e142be64e9ee1cc8820c1fc0afecef3924ddf6f92` Request headers Referer https://ing.betaalservice.me/nl/retail/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 28 May 2020 13:54:09 GMT content-encoding gzip last-modified Thu, 28 May 2020 12:15:58 GMT server Apache vary Accept-Encoding content-type image/svg+xml status 200 accept-ranges bytes content-length 1222
GET H/1.1	404 Not Found	404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/nl/retail/Betaal%20met%20Mijn%20ING%20-%20iDEAL%20Inloggen_bestanden/alert-info.svg https://www.ing.be/404	0 0	138ms 69ms	Image text/html	104.108.165.66 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ing.be/404 Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.165.66 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-165-66.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ing.betaalservice.me/nl/retail/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers pragma no-cache date Thu, 28 May 2020 13:54:09 GMT server Apache x-powered-by PHP/7.2.31 status 302 content-type text/html; charset=UTF-8 location https://www.ing.be/404 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	404 Not Found	404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/nl/retail/assets/menu-close.svg https://www.ing.be/404	0 0	150ms 82ms	Image text/html	104.108.165.66 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ing.be/404 Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.165.66 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-165-66.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ing.betaalservice.me/nl/retail/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers pragma no-cache date Thu, 28 May 2020 13:54:09 GMT server Apache x-powered-by PHP/7.2.31 status 302 content-type text/html; charset=UTF-8 location https://www.ing.be/404 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	404 Not Found	404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/nl/retail/Betaal%20met%20Mijn%20ING%20-%20iDEAL%20Inloggen_bestanden/alert-error.svg https://www.ing.be/404	0 0	144ms 77ms	Image text/html	104.108.165.66 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ing.be/404 Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.165.66 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-165-66.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ing.betaalservice.me/nl/retail/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers pragma no-cache date Thu, 28 May 2020 13:54:09 GMT server Apache x-powered-by PHP/7.2.31 status 302 content-type text/html; charset=UTF-8 location https://www.ing.be/404 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	404 Not Found	404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/public/ing/img/alert-error.svg/img/alert-error.svg https://www.ing.be/404	0 0	200ms 132ms	Image text/html	104.108.165.66 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ing.be/404 Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.165.66 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-165-66.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ing.betaalservice.me/nl/retail/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers pragma no-cache date Thu, 28 May 2020 13:54:09 GMT server Apache x-powered-by PHP/7.2.31 status 302 content-type text/html; charset=UTF-8 location https://www.ing.be/404 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	checkbox.svg ing.betaalservice.me/public/ing/img/	281 B 377 B	173ms 171ms	Image image/svg+xml	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ing.betaalservice.me/public/ing/img/checkbox.svg Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / Resource Hash `e86ba4f8dd6a82f423fbc44a456b3849eab753d9cee1057159093b9005ecb711` Request headers Referer https://ing.betaalservice.me/nl/retail/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 28 May 2020 13:54:09 GMT content-encoding gzip last-modified Thu, 28 May 2020 12:15:55 GMT server Apache vary Accept-Encoding content-type image/svg+xml status 200 accept-ranges bytes content-length 216
GET H2	200	arrow-chevron-open-right.svg ing.betaalservice.me/public/ing/img/	366 B 427 B	174ms 173ms	Image image/svg+xml	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ing.betaalservice.me/public/ing/img/arrow-chevron-open-right.svg Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / Resource Hash `c40c32284db736cf15432a4da1684b391bb82d244589b2001f83a4cbd8e984bb` Request headers Referer https://ing.betaalservice.me/nl/retail/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 28 May 2020 13:54:09 GMT content-encoding gzip last-modified Thu, 28 May 2020 12:15:54 GMT server Apache vary Accept-Encoding content-type image/svg+xml status 200 accept-ranges bytes content-length 266
GET H/1.1	404 Not Found	404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/nl/retail/assets/illustratie_algemenestoring.png https://www.ing.be/404	0 0	196ms 128ms	Image text/html	104.108.165.66 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ing.be/404 Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.165.66 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-165-66.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ing.betaalservice.me/nl/retail/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers pragma no-cache date Thu, 28 May 2020 13:54:09 GMT server Apache x-powered-by PHP/7.2.31 status 302 content-type text/html; charset=UTF-8 location https://www.ing.be/404 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	jquery-3.4.1.js Show response code.jquery.com/	274 KB 81 KB	20ms 7ms	Script application/javascript	2001:4de0:ac19::1:b:3a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.js Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash `5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://ing.betaalservice.me/nl/retail/login Origin https://ing.betaalservice.me Response headers Date Thu, 28 May 2020 13:54:09 GMT Content-Encoding gzip Last-Modified Wed, 01 May 2019 21:14:27 GMT Server nginx ETag W/"5cca0c33-4472c" Vary Accept-Encoding X-HW 1590674049.dop004.fr8.shc,1590674049.dop004.fr8.t,1590674049.cds055.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 82889
GET H/1.1	404 Not Found	404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/public/ing/css/ING_HalfLion_Reversed.svg https://www.ing.be/404	0 0	100ms 72ms	Image text/html	104.108.165.66 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ing.be/404 Requested by Host: ing.betaalservice.me URL: https://ing.betaalservice.me/nl/retail/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.165.66 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-165-66.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ing.betaalservice.me/public/ing/css/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers pragma no-cache date Thu, 28 May 2020 13:54:10 GMT server Apache x-powered-by PHP/7.2.31 status 302 content-type text/html; charset=UTF-8 location https://www.ing.be/404 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET		404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/public/ing/css/fonts/5.woff2 https://www.ing.be/404	0 0

GET		404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/public/ing/css/fonts/1.woff2 https://www.ing.be/404	0 0

GET DATA	200 OK	truncated /	24 KB 24 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `fbea558fb96f7895b187c7ce9199fec546e443eecee4127f66cb526824c392d6` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer Origin https://ing.betaalservice.me Response headers Content-Type application/font-woff2;charset=utf-8
GET		404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/public/ing/css/fonts/6.woff https://www.ing.be/404	0 0

GET		404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/public/ing/css/fonts/2.woff https://www.ing.be/404	0 0

GET		404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/public/ing/css/fonts/3.ttf https://www.ing.be/404	0 0

GET		404 www.ing.be/ Redirect Chain https://ing.betaalservice.me/public/ing/css/fonts/7.ttf https://www.ing.be/404	0 0

POST H2	200	heartbeat Show response ing.betaalservice.me/	0 196 B	185ms 184ms	XHR text/html	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/heartbeat Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / PHP/7.2.31 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://ing.betaalservice.me/nl/retail/login X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 28 May 2020 13:54:11 GMT server Apache x-powered-by PHP/7.2.31 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response ing.betaalservice.me/	0 259 B	174ms 174ms	XHR text/html	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/heartbeat Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / PHP/7.2.31 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://ing.betaalservice.me/nl/retail/login X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 28 May 2020 13:54:12 GMT server Apache x-powered-by PHP/7.2.31 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response ing.betaalservice.me/	0 196 B	176ms 176ms	XHR text/html	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/heartbeat Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / PHP/7.2.31 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://ing.betaalservice.me/nl/retail/login X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 28 May 2020 13:54:13 GMT server Apache x-powered-by PHP/7.2.31 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response ing.betaalservice.me/	0 259 B	177ms 176ms	XHR text/html	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/heartbeat Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / PHP/7.2.31 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://ing.betaalservice.me/nl/retail/login X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 28 May 2020 13:54:14 GMT server Apache x-powered-by PHP/7.2.31 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response ing.betaalservice.me/	0 196 B	176ms 175ms	XHR text/html	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/heartbeat Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / PHP/7.2.31 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://ing.betaalservice.me/nl/retail/login X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 28 May 2020 13:54:15 GMT server Apache x-powered-by PHP/7.2.31 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response ing.betaalservice.me/	0 196 B	177ms 177ms	XHR text/html	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/heartbeat Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / PHP/7.2.31 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://ing.betaalservice.me/nl/retail/login X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 28 May 2020 13:54:17 GMT server Apache x-powered-by PHP/7.2.31 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response ing.betaalservice.me/	0 259 B	175ms 174ms	XHR text/html	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/heartbeat Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / PHP/7.2.31 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://ing.betaalservice.me/nl/retail/login X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 28 May 2020 13:54:18 GMT server Apache x-powered-by PHP/7.2.31 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response ing.betaalservice.me/	0 196 B	179ms 178ms	XHR text/html	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/heartbeat Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / PHP/7.2.31 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://ing.betaalservice.me/nl/retail/login X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 28 May 2020 13:54:19 GMT server Apache x-powered-by PHP/7.2.31 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response ing.betaalservice.me/	0 259 B	177ms 176ms	XHR text/html	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/heartbeat Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / PHP/7.2.31 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://ing.betaalservice.me/nl/retail/login X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 28 May 2020 13:54:20 GMT server Apache x-powered-by PHP/7.2.31 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response ing.betaalservice.me/	0 196 B	177ms 176ms	XHR text/html	199.188.201.16 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ing.betaalservice.me/heartbeat Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.16 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server274-1.web-hosting.com Software Apache / PHP/7.2.31 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://ing.betaalservice.me/nl/retail/login X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 28 May 2020 13:54:21 GMT server Apache x-powered-by PHP/7.2.31 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ing.be
URL: https://www.ing.be/404

Domain: www.ing.be
URL: https://www.ing.be/404

Domain: www.ing.be
URL: https://www.ing.be/404

Domain: www.ing.be
URL: https://www.ing.be/404

Domain: www.ing.be
URL: https://www.ing.be/404

Domain: www.ing.be
URL: https://www.ing.be/404

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ing.betaalservice.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 27b4d5d1b82ba9da44a60b209bc0cf52

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
ing.betaalservice.me
www.ing.be
www.ing.be
104.108.165.66
199.188.201.16
2001:4de0:ac19::1:b:3a
3341e8fbc2735887ec100c965c510ab15e46cc75ac55cd7efc4e63ff6826ed17
532de4f1bbf77ff1445ab24e142be64e9ee1cc8820c1fc0afecef3924ddf6f92
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
6b80296141a1137a67f4eb559196937efe42c85d54c13d1ecda26736a4beffd5
8bdc5597facee6e3f376168d4b20c5ca04cb88f66ff5ac1c1f936b6a92240f3d
c40c32284db736cf15432a4da1684b391bb82d244589b2001f83a4cbd8e984bb
c7ddda47b321052e5b083bb6200194f9a0a536999ea15e4348ff56c43176c026
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86ba4f8dd6a82f423fbc44a456b3849eab753d9cee1057159093b9005ecb711
fbea558fb96f7895b187c7ce9199fec546e443eecee4127f66cb526824c392d6

ing.betaalservice.me Open in urlscan Pro 199.188.201.16 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

30 Requests

80 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

187 kBTransfer

507 kBSize

1 Cookies

9 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

ing.betaalservice.me Open in urlscan Pro
199.188.201.16 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

80 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

187 kB
Transfer

507 kB
Size

1
Cookies

30 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!