aflossen.xyz Open in urlscan Pro
2606:4700:3030::6815:1e82 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aflossen.xyz/ing/
Effective URL:
https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/
Submission: On February 11 via manual (February 11th 2022, 2:33:01 pm UTC) from NL — Scanned from NL

Summary HTTP 28 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3030::6815:1e82, located in United States and belongs to CLOUDFLARENET, US. The main domain is aflossen.xyz.
TLS certificate: Issued by E1 on February 11th 2022. Valid for: 3 months.

This is the only time aflossen.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3 29	2606:4700:303... 2606:4700:3030::6815:1e82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	5.230.70.164 5.230.70.164	12586 (ASGHOSTNET) (ASGHOSTNET)
28	3

29 2606:4700:3030::6815:1e82 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

aflossen.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.230.70.164 (Germany)

ASN12586 (ASGHOSTNET, DE)
PTR: placeholder.noezserver.de

boxpanelbe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	aflossen.xyz 3 redirects aflossen.xyz	454 KB
1	boxpanelbe.com boxpanelbe.com Failed	290 B
28	2

	Domain	Requested by
29	aflossen.xyz	3 redirects aflossen.xyz
1	boxpanelbe.com	aflossen.xyz
28	2

This site contains links to these domains. Also see Links.

Domain
inlogcodes.mijn.ing.nl

Subject Issuer	Validity	Valid
*.aflossen.xyz E1	`2022-02-11` - `2022-05-12`	3 months	crt.sh
boxpanelbe.com R3	`2022-01-18` - `2022-04-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/
Frame ID: 80460642A06D33D201D262582D9EE5CB
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lоg in bij Mijn ING - ING Bаnkieren

Page URL History Show full URLs

https://aflossen.xyz/ing/ Page URL
https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b HTTP 301
http://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/ HTTP 301
https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/ HTTP 302
https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

96 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

452 kB
Transfer

729 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://inlogcodes.mijn.ing.nl/particulier/zelf-regelen/instellen/inlogcodes/index.jsp

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aflossen.xyz/ing/ Page URL
https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b HTTP 301
http://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/ HTTP 301
https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/ HTTP 302
https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response aflossen.xyz/ing/	662 B 930 B	97ms 50ms	Document text/html	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2912af7353e858fecafa0d7dd420b7b6c2140265f2e24506d69acfe19e2337f7` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Response headers date Fri, 11 Feb 2022 14:32:56 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KullUxHjvptM32ioTCNeJ3FsEP%2F14EgtmpAMT7smcJuK2kgZFJlzerCcb4ziPCTqVs36G46h6xSznGAkfnsaAKNpdqAXdxHSyOYCYpjTgyh4q7se6ypnnFzc4il4sXS3NKkhPBKUwwfGqE8%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6dbe4a18ce979180-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	Primary Request / Show response aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/ Redirect Chain https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b? http://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/? https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/? https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/?	38 KB 7 KB	60ms 60ms	Document text/html	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `136b5836b92291106103640d421ca7a74b98db5c8662d5e065b9c9d9487d421f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVQnIxuhzjekLXkPhubsysFZX72dTElnzOqXSQ8I%2FhPdGXdraDeN6JDjGaWGKFE%2BP9cus464WkxFqOvq7VK6kwJdselEp8qDBqwfTKUaFCEYq531z%2FGRevxi0%2FPtliNSaanouTQMBI%2B2wJA%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6dbe4a2058a39231-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers date Fri, 11 Feb 2022 14:32:57 GMT content-type text/html; charset=UTF-8 location login/? cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvqPgvZodco9VbkJAULoQKcMhLytHaQR35zzgNi%2ByNZlJfMF8ZbkaiorD6%2FfXkRkLuKb3jVqMsxkry1DdXxIMUNlV4yfY0tbstzo6YJYpNe6W4DQHK2FoGhwYcXLXo4rPeDhnX6ZyYOEvvo%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6dbe4a200fe19231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquery.min.js Show response aflossen.xyz/ing/bower_components/jquery/dist/	85 KB 31 KB	94ms 94ms	Script application/javascript	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/bower_components/jquery/dist/jquery.min.js Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:36 GMT server cloudflare etag W/"15283-5b194d2f37500-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWjZqOXeXQOKrEb37jSoqkPVAs17m5tE7oyytrbSfVmR%2FRALuDztURZU8jtasfzoU%2FB73tjVR5lFsWI9l30%2FjQ9x2QVA64KgfChoXVa81nBVh1%2BwnYFWJvpsSmXSVpmrl%2FHDTfuIPEWcTnc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a20d9f59231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	ua-parser.min.js Show response aflossen.xyz/ing/bower_components/ua-parser-js/dist/	17 KB 7 KB	71ms 70ms	Script application/javascript	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/bower_components/ua-parser-js/dist/ua-parser.min.js Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:40 GMT server cloudflare etag W/"4298-5b194d3307e00-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CP57sPOYyJEiIkmOOZ4x6bT0CsYI%2FHaDCiLyQ38x35ol0x8in0rxVIC4OzUL2QU4azCIo3inlN4C67z2TEh%2Frku3k2JfV3svL1xoHRonDSnahudL9mr6iHTsxaiOBj0pfil6rzh04hVbIAM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a20d9fb9231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	font-awesome.min.css aflossen.xyz/ing/bower_components/font-awesome/css/	30 KB 7 KB	44ms 44ms	Stylesheet text/css	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/bower_components/font-awesome/css/font-awesome.min.css Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:30 GMT server cloudflare etag W/"7918-5b194d297e780-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7orQGCD7pxInPQyDJCSvae0qYNE8Md67kvkSUrE28i2nQPkg%2Bph3xoAKJHME%2BOD5W8Q5WLVYGxmZvLPkHep73wbYA5LoBmEKTHsuV0mxtGhoDgsM6%2B20Rv%2BPkP8KWB1PDaQHjJBAdYTR%2FM8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a20d9fd9231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquery.maskedinput.min.js Show response aflossen.xyz/ing/bower_components/jquery.maskedinput/dist/	16 KB 4 KB	38ms 37ms	Script application/javascript	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:40 GMT server cloudflare etag W/"4001-5b194d3307e00-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YQs1ZTtxwSgRjTpB%2BFrDiM8s3q7clsD0nXFPsA1sqh6Q2wkRQ6NJbZW%2BzhH2%2B1TNWBbWZ69sKyteplW0zIV9QWIuXiHk5OP%2FxOzquLyNbSAgbhnQQkZxadZSHLVKDd6Jif%2B%2Bm%2BTB8rtM%2Bg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a20d9ff9231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	angular.min.js Show response aflossen.xyz/ing/bower_components/angular/	165 KB 59 KB	71ms 70ms	Script application/javascript	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/bower_components/angular/angular.min.js Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:14 GMT server cloudflare etag W/"2937c-5b194d1a3c380-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2B8OwaYo41kCZdniTq0BvZYDfyrXEiomn7VLi3BFrsTf%2FzINvfOzaUMoArcfG80mR%2BqPk52nyc7wNtCNvAdBVzt0vWMhGUYkf1WMCMpLG2lPcUqChIxaHFvJqAY1oJyZ6L3Gv01aAQGdcBo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a20da039231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	css.css aflossen.xyz/ing/login/form/	4 KB 2 KB	162ms 161ms	Stylesheet text/css	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/login/form/css.css Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `52cd7e147acc7f9edf46bebb32bd115bf3a6e94e3d552c4ae151ba2509907eff` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:22 GMT server cloudflare etag W/"e31-5b194d21dd580-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEL4XcCn1oTOA1otTqd7qVcHI8W8QyyDXFaLYCBjs3gI%2BagePOJTPHuwWg8ANuLf%2FOCWknAeXBQoeXS5TDvYItrc%2FWtcp4JZcukWqXHhIObD0FR9Akf7YToDGcjIleQzWQWzgt5g1W%2F0G1w%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a20da049231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	index.css aflossen.xyz/ing/login/	11 KB 3 KB	162ms 162ms	Stylesheet text/css	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/login/index.css Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ffaeedd622c4f83ad8ac8c548bacb384a93a830c6161ce2ad58c669cfe31df5e` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:12 GMT server cloudflare etag W/"2cdb-5b194d1853f00-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaMl66lUeB0L%2F4XMIXUFg9PCki8Um1AkjQQn6mdcXzT9gWfBtsG7KUqqfSZQ5w2nW92uRxnrY9xqIUTtK1XdVSG%2BJv9E1EF5C4FQ3PAzbPDnm8r%2FYFmlFO7KkUzEZ21VlHipFyuxAVAEfqM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a20da059231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	ing-logo.svg aflossen.xyz/ing/login/	11 KB 5 KB	222ms 220ms	Image image/svg+xml	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/ing-logo.svg Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ce1c11b3fa4cc5878006ce1fd10de3ce91cf23e4731946a39d2bf5bfaed25670` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:58 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:12 GMT server cloudflare etag W/"2de2-5b194d1853f00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjV5b7WpdV6K4abfbqMUeRRNUOJ6FgdZWnESmfsuEfibQT5zU4ecmXFBaEGIZH%2FF0UePIhyL8izGYMuCnE6YlFKjCsWenYeVhd5nKWfgIV9cLyRKRtmjKKUSmc9AyrgSogcidFubrVj1WEs%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a21ec3c9231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	cross.png aflossen.xyz/ing/login/	2 KB 3 KB	2229ms 2228ms	Image image/png	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/cross.png Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cc57673ae58b3d03ea6d9d43e417ef26e96c611b33eff3e20faee392c3b53bfb` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:33:00 GMT cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:12 GMT server cloudflare etag "975-5b194d1853f00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmrVWZYV8J7mOcQS8zkykWVKddRY5x7zvfEziMzLD0yE%2B%2BLGVTvG3k6YQ7YLpB%2BiUTKvC9x1XJ85%2Fl3QbHGRScPspOufkwF%2Fj12k1U0%2FIaESCtXK2hftIpRDpNqEblk%2FcGimnnN4btyYy5Q%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6dbe4a21ec409231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2421
GET H3	200	arrow-chevron-open-right.svg aflossen.xyz/ing/login/	366 B 796 B	2231ms 2229ms	Image image/svg+xml	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/arrow-chevron-open-right.svg Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c40c32284db736cf15432a4da1684b391bb82d244589b2001f83a4cbd8e984bb` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:33:00 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:12 GMT server cloudflare etag W/"16e-5b194d1853f00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axoVPPfSPpkke%2FZBbafFfwDO8QAg%2BjZmTa9ySBrmjNV3janyJXauYUsKX2zpVAcPBhO9la22wARU%2BkmYt9pcekt68szkVMxBdFDhGjGVKR5EYbSaGwbtFwQ2jf2%2BKUN9FS03B2J04KhK6Kk%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a21ec429231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	menu-close.svg aflossen.xyz/ing/login/	348 B 768 B	2257ms 2256ms	Image image/svg+xml	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/menu-close.svg Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9030f83b22e9a96c2aafff1a3abfdd4ffd0cffa31e1748df717d84282fba82b5` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:33:00 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:12 GMT server cloudflare etag W/"15c-5b194d1853f00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIrshXHZzepTUzefSX5AkAtbAshiYUrTdcE%2FlxFGmpaSPNEqAmC2zDGWMm32%2B1D4uOg3WF2JvvU3TcuhuL4PXvxSQSF3YGPyS3EXF1cFg2vz88fpGWYlB0YJq7mPCJI6q7CLmd4Qs5qPFSQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a21ec439231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	alert-info.svg aflossen.xyz/ing/login/	590 B 862 B	63ms 61ms	Image image/svg+xml	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/alert-info.svg Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c622f9704a79e3194eb565250143e8eb50abb9e752fe09cddbe32f68db3af923` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:12 GMT server cloudflare etag W/"24e-5b194d1853f00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JJjYGlz9zdQWXLHJLDeTdvDOyBTPUA6N9eVO2x9OJtyLjGd1U%2FSsP1YDHTEaKzHGoEeVWcI9Elo9709mZKEPg%2FzN4x5VvBvT5Jnk0tOR%2BdVGev726hyshDVoay2m2Op1IhnvtQTpB5zsrQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a21ec709231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	alert-error.svg aflossen.xyz/ing/login/	623 B 908 B	2255ms 2253ms	Image image/svg+xml	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/alert-error.svg Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `403237e689dc78baa222a8d6cb6e3455d49c6dcef78391657e52f4161ee3da36` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:33:00 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:12 GMT server cloudflare etag W/"26f-5b194d1853f00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmA%2FghheUnLdD%2F76QOmEn%2FvMUZRp0WtXRirJm8O4CWgQ9tZXVVyK0FPWjuA4llvboNVCMANhUceksXS87T37OmpAi4OnAGdcewpNCWhSKr9O%2FMqICcmW9uSGMxZI7U%2FG%2FB7wexVpWSdHLJw%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a21ec739231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	untitled aflossen.xyz/ing/login/	274 B 274 B	109ms 108ms	Image text/html	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/untitled Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a8a8d1e66042596c7870f36e034f6124e6e5bd8f1823b461ba8d24f05fec4ceb` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1e1TzXZwyBjpXrzBPhUOJpGtWBLAJqlSnB8Z1IvHEOA33cUrleL3s6SV136ODl7EYvAGece5IZd1pguf2qIuD5DMqqMOzm9rZb%2FrCJr8F12IuhxuscWZyDRzy1B6%2BFsma5X5XlEBS79V9Ek%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 6dbe4a21ec769231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	headn.png aflossen.xyz/ing/login/	35 KB 36 KB	2248ms 2247ms	Image image/png	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/headn.png Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `13a0096f4545566c7570cadaa041c16d7c3428fb53ce8b68e274515d81143ff9` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:33:00 GMT cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:12 GMT server cloudflare etag "8ce4-5b194d1853f00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8f9NwV%2BpI9rJDeqyddMZts9uTHDsiJy9my2gPud8lkAfecGra2ya%2F3LzoW9RDnXn42wx%2BI2JeQtJ7xyIwd7Ryv6DGk0hfm3TPkIf9BkbOedmgz8oTyeVbzbNsZpm1UYDk0EqQ3KqtUDUoqM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6dbe4a21ec779231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 36068
GET H3	200	wifi-router-flat-vector-800x566.png aflossen.xyz/ing/login/	20 KB 21 KB	3250ms 3248ms	Image image/png	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/wifi-router-flat-vector-800x566.png Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a5925b9f30aaf7835ee409adc9694e15fff07229c787fc7f50078ebf119e04e9` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:33:01 GMT cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:12 GMT server cloudflare etag "506d-5b194d1853f00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bG%2ByGZ43mQ7wAYiRbmG%2FSNRUdaMHhrQZipdMDTAIA1IiVZkWka6p2yZQDG%2BpZWiqfr%2FhgppIVE5CBgZxxWLbtOpfz%2FAQmJQ2NREd6E8jYyb76nK97schWwByYdrca6Jqxe4IkziBW9nnbfw%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6dbe4a21ec799231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 20589
GET H3	200	conirm_with_mobile.png aflossen.xyz/ing/login/	186 KB 186 KB	63ms 62ms	Image image/png	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/conirm_with_mobile.png Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ac6e63e5ea914e981302cf18f27fd23ef1e178b9f2d4b665961820349a8aab48` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:12 GMT server cloudflare etag "2e6d3-5b194d1853f00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBxXsjbqAwdYNq1FAvSaJlw1RK1ZJleR8tvzm2hmjLINl9CJGkjKQQfRTkOxSRzlpKBXxlZY%2F0qFMOe0bmEKqIE7xBJTUTiN3l36xKPi%2FWmnPUKLh1yF9S4D2iPzcJJhLZgecjBBb%2B2oCAI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6dbe4a21ec7b9231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 190163
GET H3	404	p2 aflossen.xyz/ing/login/	274 B 274 B	115ms 114ms	Image text/html	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/p2 Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a8a8d1e66042596c7870f36e034f6124e6e5bd8f1823b461ba8d24f05fec4ceb` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIE5TQ3Kqa%2F1oWJyf9Wqxso483X%2B8SCxl2go9wpWUml6BY6UHNNmkUWdNq0sZLWTpgkX7FEOZt1EnqfHXYC%2Bd%2B0b9nR9X8Fn9usp3jjCDVLHSrRfWkZkzLFOjQ7hukImL5yKE8zMQ4LrwrY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 6dbe4a21ec7c9231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	form.js Show response aflossen.xyz/ing/login/form/	11 KB 4 KB	113ms 113ms	Script application/javascript	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/login/form/form.js?v=62067399a90e8 Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `689dd12ddc99543537d85b7e5eec13b59acee6344a89ea641e047b7a87dc2165` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:57 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:22 GMT server cloudflare etag W/"2a79-5b194d21dd580-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpmGDxLixCEBoWLeQ8kpjbabJTIfBCxEkOa6%2FwZwD6WRLAAbmxawMSTXdD5eqEYiVIXkB0CDuu9b3%2B0VsztUvIaoUs0WDL4sLmoY1X3ryevOryRNzC00LUEmtoR2bYbyAO4awyrRoLVru60%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a21dc209231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	ng.js Show response aflossen.xyz/ing/login/ng/	5 KB 2 KB	1227ms 1226ms	Script application/javascript	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/login/ng/ng.js?v=62067399a9136 Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `23519481e8173a73572fa781429cbc60db99902d4ad9b3e5c30d26e83aef99c2` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:22 GMT server cloudflare etag W/"12d5-5b194d21dd580-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v310H%2BNklvFphwYs8CnhXwMNscoCdiHxSs3k9QK45IWae4fZaC97OgUXNDmUkoXrPGo3TyyIVJ6W449foTgLegYlgXKKBQb0EGwqkAqFDhCWn3rYjlB3jpTOLnwlHpyJAw%2FOfIsWVzyXmlE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a21dc239231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	token.js Show response aflossen.xyz/ing/login/token/	11 KB 2 KB	1230ms 1229ms	Script application/javascript	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/login/token/token.js?v=62067399a919a Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `32882d9cf6eac3eca18c7eb9da3bd1e92960de0cde43c1d12392e218240e53d3` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:32:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:22 GMT server cloudflare etag W/"2b47-5b194d21dd580-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=In6It%2FOhiHGsf75OTN8w5zXWug%2BdsLacv6LXbUW5r%2FxfhjbdNeWMzOoUQw1czI3R2eHz0f3Dr68MN0SMpVkbMD1he5a3qFGpIO%2Brj7VU4SU3FN6vt3HZ31eXGk1%2BighLIYqXgXaFib%2B8Iz0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a21ec379231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	811383197.svg aflossen.xyz/ing/login/	21 KB 10 KB	3248ms 3247ms	Image image/svg+xml	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aflossen.xyz/ing/login/811383197.svg Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/login/index.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3e5c9215408174cff78c491ad0cd933f2cf7c21bdaf61d71abac85e49f901fd2` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ing/login/index.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:33:01 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:12 GMT server cloudflare etag W/"5346-5b194d1853f00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iObrSrG%2B6ppSZW%2B42hDbWqkp5Gj2621q1JmTitHE1Ir%2FmUeMD%2FMOJMUiB8AkPP6mY3HNIFqeUyU5eJhCqDcwNqCDWKht0A4eW8UZ814%2F3R2io1QPlOnl%2BAZUt5FWpx66vBM9eRvo1Mo0Goo%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6dbe4a21ec7d9231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		gate.php boxpanelbe.com/uadmin/	0 0

GET H/1.1	200 OK	gate.php Show response boxpanelbe.com/uadmin/	56 B 290 B	110ms 29ms	Script application/javascript	5.230.70.164 ASGHOSTNET
General Check archive.org Show headers Download Go to Full URL https://boxpanelbe.com/uadmin/gate.php?pl=token&link=undefined&bid=c188330fb0307b18093998747c16cc8b&callback=jQuery3210452194293521474_1644589977874&data=%7B%22mes%22%3A%22User%20on%20Home%20page%22%7D&_=1644589977875 Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/bower_components/jquery/dist/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.230.70.164 , Germany, ASN12586 (ASGHOSTNET, DE), Reverse DNS placeholder.noezserver.de Software Apache/2.4.18 (Ubuntu) / Resource Hash `b3d1ccd7966825d7886ade2c825a4f885d88f54e65e22a5e250812c51878c4d3` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://aflossen.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 11 Feb 2022 14:32:59 GMT Server Apache/2.4.18 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 56 Content-Type application/javascript
GET H3	200	_388920554.woff2 aflossen.xyz/ing/login/	29 KB 29 KB	1977ms 1977ms	Font application/octet-stream	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/login/_388920554.woff2 Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/login/index.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155` Request headers Referer https://aflossen.xyz/ing/login/index.css Origin https://aflossen.xyz Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:33:01 GMT cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:14 GMT server cloudflare etag "73b0-5b194d1a3c380" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xS53sNw9o7g42OPE2i1OmAyN9frvJ2e3HwsAJJBqusJB8xyDP9Y7B2BThgoeNT4Z9J%2FLQ8GBI0uAyCoqRSWYZ%2FHYuU2NfwQMrUFz3ZCGNSO08JrlRSaaBmYCSQ%2BR7dKdOEFb4nDACHGSkls%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6dbe4a29ed189231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 29616
GET H3	200	1224525800.woff2 aflossen.xyz/ing/login/	30 KB 30 KB	1975ms 1975ms	Font application/octet-stream	2606:4700:3030::6815:1e82 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aflossen.xyz/ing/login/1224525800.woff2 Requested by Host: aflossen.xyz URL: https://aflossen.xyz/ing/login/index.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:1e82 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e` Request headers Referer https://aflossen.xyz/ing/login/index.css Origin https://aflossen.xyz Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 11 Feb 2022 14:33:01 GMT cf-cache-status MISS last-modified Tue, 13 Oct 2020 22:20:10 GMT server cloudflare etag "76f8-5b194d166ba80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AI9XHTLpBhnQgVzhrt7%2B9ZrV9zmMYXe4dyDZ6Op6Tjq48CPdFzFbkvaGZdrNVb4C4QXCPSxrr9L2wP%2BmTkMzM692K7R1m6RDaobtuhuTw4Pk6s3wenaHMBhMboi1x6zuNtlbDQR4nVKhVms%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6dbe4a29ed1b9231-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 30456

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: boxpanelbe.com
URL: https://boxpanelbe.com/uadmin/gate.php?pl=token&link=undefined&bid=c188330fb0307b18093998747c16cc8b&callback=jQuery3210452194293521474_1644589977872&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1644589977873

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			aflossen.xyz/ing/c188330fb0307b18093998747c16cc8b	1969-12-31 23:59:59	Name: bid Value: c188330fb0307b18093998747c16cc8b
			aflossen.xyz/ing	1969-12-31 23:59:59	Name: real Value: OK

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://aflossen.xyz/ing/login/untitled Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aflossen.xyz/ing/login/p2 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aflossen.xyz
boxpanelbe.com
boxpanelbe.com
2606:4700:3030::6815:1e82
5.230.70.164
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
136b5836b92291106103640d421ca7a74b98db5c8662d5e065b9c9d9487d421f
13a0096f4545566c7570cadaa041c16d7c3428fb53ce8b68e274515d81143ff9
23519481e8173a73572fa781429cbc60db99902d4ad9b3e5c30d26e83aef99c2
2912af7353e858fecafa0d7dd420b7b6c2140265f2e24506d69acfe19e2337f7
32882d9cf6eac3eca18c7eb9da3bd1e92960de0cde43c1d12392e218240e53d3
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e
3e5c9215408174cff78c491ad0cd933f2cf7c21bdaf61d71abac85e49f901fd2
403237e689dc78baa222a8d6cb6e3455d49c6dcef78391657e52f4161ee3da36
52cd7e147acc7f9edf46bebb32bd115bf3a6e94e3d552c4ae151ba2509907eff
689dd12ddc99543537d85b7e5eec13b59acee6344a89ea641e047b7a87dc2165
6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9030f83b22e9a96c2aafff1a3abfdd4ffd0cffa31e1748df717d84282fba82b5
a5925b9f30aaf7835ee409adc9694e15fff07229c787fc7f50078ebf119e04e9
a8a8d1e66042596c7870f36e034f6124e6e5bd8f1823b461ba8d24f05fec4ceb
ac6e63e5ea914e981302cf18f27fd23ef1e178b9f2d4b665961820349a8aab48
b3d1ccd7966825d7886ade2c825a4f885d88f54e65e22a5e250812c51878c4d3
c40c32284db736cf15432a4da1684b391bb82d244589b2001f83a4cbd8e984bb
c622f9704a79e3194eb565250143e8eb50abb9e752fe09cddbe32f68db3af923
cc57673ae58b3d03ea6d9d43e417ef26e96c611b33eff3e20faee392c3b53bfb
ce1c11b3fa4cc5878006ce1fd10de3ce91cf23e4731946a39d2bf5bfaed25670
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155
ffaeedd622c4f83ad8ac8c548bacb384a93a830c6161ce2ad58c669cfe31df5e

aflossen.xyz Open in urlscan Pro 2606:4700:3030::6815:1e82 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

96 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

452 kBTransfer

729 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

aflossen.xyz Open in urlscan Pro
2606:4700:3030::6815:1e82 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

96 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

452 kB
Transfer

729 kB
Size

2
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!