urlscan.io logo urlscan.io
SecurityTrails logo

ing-id-security.net Open in urlscan Pro
172.67.180.126  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix...
Effective URL: https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53ig...
Submission: On April 10 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 172.67.180.126, located in United States and belongs to CLOUDFLARENET, US. The main domain is ing-id-security.net.
TLS certificate: Issued by GTS CA 1P5 on April 8th 2024. Valid for: 3 months.
This is the only time ing-id-security.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 14 172.67.180.126 13335 (CLOUDFLAR...)
12 3
Apex Domain
Subdomains		 Transfer
15 ing-id-security.net
ing-id-security.net
382 KB
12 1
Domain Requested by
15 ing-id-security.net 3 redirects ing-id-security.net
12 1

This site contains links to these domains. Also see Links.

Domain
www.ing.com.au
twitter.com
www.facebook.com
www.youtube.com
blog.ing.com.au
www.ing.jobs
Subject Issuer Validity Valid
ing-id-security.net
GTS CA 1P5		 2024-04-08 -
2024-07-07		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
Frame ID: C9FA290729A8E0DECF9010FB7FD06475
Requests: 29 HTTP requests in this frame

Frame: https://ing-id-security.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: F88DA1FF1EBA0B17F43D81732642542A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Secure Banking Login - ING

Page URL History Show full URLs

  1. http://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbu... HTTP 307
    https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbu... Page URL
  2. https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbu... Page URL
  3. https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbu... HTTP 302
    https://ing-id-security.net/index.php HTTP 302
    https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSre... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

92 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

3
IPs

1
Countries

473 kB
Transfer

1866 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt HTTP 307
    https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt Page URL
  2. https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt Page URL
  3. https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt HTTP 302
    https://ing-id-security.net/index.php HTTP 302
    https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt HTTP 307
  • https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Request Chain 2
  • https://ing-id-security.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://ing-id-security.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login.php
ing-id-security.net/global/
Redirect Chain
  • http://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
  • https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:53b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7331f5021f02d6917341ef54413c89d3eebcac7dbcdc2c8f2fdda1f605c08b1a
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8725bf4a6ee47475-MIA
content-type
text/html; charset=utf-8
date
Wed, 10 Apr 2024 21:14:34 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ukyGASy%2BSghUkz7cjMDktbYpOjwQDsxTnAzD3zcL%2FWK38bvaiTlXGlmpp6C8xZdypEl7Ii8oLh6GWJZZ4raaX%2FY3GdVXjfi6kLd1NoTg6aZm9plQtDviOo3gQ4P9%2FKxFTZttvD2fbkTgaD%2BlDwEOmwO%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Location
https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Non-Authoritative-Reason
HttpsUpgrades
login.php
ing-id-security.net/global/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Requested by
Host: ing-id-security.net
URL: https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
nI4HynmON0pYKheTZysvegspyHA
29282433
X-Requested-Type
GET
Referer
https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 21:14:35 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2BaI%2BSUYqLAV1zmzs5%2FV16ZvkSk7FainTnkcP4R54t1rPq0HGzyEA6lXwBgkga57ULHhHf85FugDf4YQidqtSs%2BDAKYsgic7UF095TJYRX6wWUe602Ykey8nXgieDflos5xCYKJl"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8725bf4edaae8dea-MIA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
ing-id-security.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame F88D
Redirect Chain
  • https://ing-id-security.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://ing-id-security.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ing-id-security.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Protocol
H3
Server
172.67.180.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3b5b1003b11e6865afa7179d190d82f8a774b52920b745c873b2d412956f75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Apr 2024 21:14:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mRa3WhdD1IDtayIJv1bstGwt0oWIAf7LcCWmGIZ52qVJ%2FI3a3SGxKa%2BgPZdaHh9QoYLzyt5ZksBc4FZQ3shDiWX%2BoNvNtjHeUW%2BZ6c39nK%2Bh8CigomfY7s5AFQ9eO0UkoszFy%2BrF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8725bf4f1add8dea-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 10 Apr 2024 21:14:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLiNBgO%2B4fR2Lob37Hxh0HmFzDD3hTVH1JOf%2Fs25KR0dNLtVKV2A1UNG21pzxvnoYZynJpGq331rKS5aMIBz1NyGNoBNXH5wxW0MSvLvVGlNHxfOMpSHvdMG9dIp246D1xHCVtrr"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control
max-age=300, public
cf-ray
8725bf4edab28dea-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
8725bf4a6ee47475
ing-id-security.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F88D 		0
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ing-id-security.net/cdn-cgi/challenge-platform/h/b/jsd/r/8725bf4a6ee47475
Requested by
Host: ing-id-security.net
URL: https://ing-id-security.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Apr 2024 21:14:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zsy9vOHVKRzbjXJqbiAZAVNqTDa7uw4ErwSOe1kapwn7686JdilmRV45apanDDmBXtwESYV6DGBsXwJB6uvCceX7nCOoVIGls%2FZqWGpcTadOmlFos1WqQflPSEbod2XRQMzHdg%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8725bf510d1d8dea-MIA
alt-svc
h3=":443"; ma=86400
login.php
ing-id-security.net/global/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Requested by
Host: ing-id-security.net
URL: https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8725bf520e8c8dea-MIA
content-type
text/html; charset=utf-8
date
Wed, 10 Apr 2024 21:14:35 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPYKIxRsdUd7iF9VCCrjbMBjoHXv23zW%2FR8oO0nqlhU%2F9Zl7aVYavB2%2FC0mQ%2FqSNH7kkiDYrTCWrmFIELmt3deVCo2pxlmBP3j4Ca%2B7Gfy%2FDrEi0xDkAMVYh9qhGPeILu9udfAkg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
login.php
ing-id-security.net/global/ 		0
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Requested by
Host: ing-id-security.net
URL: https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
zYSbE60TgyvHzFC0Zatd5Vmm-1Q
29282433
Referer
https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 21:14:35 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egdZpzfiTOVlOC9s%2FrrQG3RdYdDtFcB1PgTDYdTe7WEvhGAf1iNr2UAAkjWgMw4zzXxjm%2FcRt3W%2BnI2nRnI6ZZDmgkmoPLjBSk4UlXkDGf0EPrdiUTNtgeJv%2FaHX4kHnN%2BV6%2FSWi"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8725bf53c9228dea-MIA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
Primary Request login.php
ing-id-security.net/global/
Redirect Chain
  • https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
  • https://ing-id-security.net/index.php
  • https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
208 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
Requested by
Host: ing-id-security.net
URL: https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a2a0a5c64a1db4728fdbab9865a05e112aceb73b6530d5352047a3c93d6095
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8725bf612a218dea-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 10 Apr 2024 21:14:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRl3K1OMB%2BizDxOyoBy00klEdSQrACfVULicX97Emmv%2BzhxlxiAjFVu%2FrA0Wkkn8B4r7eAUtI6170QzWy0B6jtDPOxbvcJ2bJVPXoYeLqgP%2FPBmX8UTeF%2B%2BVJckjkJg6DdAs3ttY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8725bf574d708dea-MIA
content-type
text/html; charset=UTF-8
date
Wed, 10 Apr 2024 21:14:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WiXusrE5fcfT1oaxmiJnK8MjY9ZkVPuMpu7yLDNpv7AjDUwQXeaDGNdxWm0pQQfC6scQ%2ByP1XQ1eLnxOhrr5TzXPjfTVNYudcPLHU30A4xX5sNz3kH%2BhAwD6RqbfmO4wFGwX045f"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
style1.css
ing-id-security.net/global/css/ 		1 MB
255 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ing-id-security.net/global/css/style1.css
Requested by
Host: ing-id-security.net
URL: https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f23729c180042e6a5043cfa7aefb11cb972dad4ea5f5a21aa5e1cc6c796b41
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:14:37 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194828
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Sun, 31 Mar 2024 18:49:30 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y05BJ89NXNS%2BWFtiXSXlEUpJOFUtvZkmDu8trIR1xJ49iUhJsZxOhGYYYHOnT9hv2lyQiQfNY44zOxWw9QMNIgLLtlt3MtSqrWq%2BRFjfTdXDlbT6U39YR6eUFp95gzz%2FsGinLFBw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8725bf630c7f8dea-MIA
expires
Wed, 08 May 2024 15:07:29 GMT
jquery.js
ing-id-security.net/global/js/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ing-id-security.net/global/js/jquery.js
Requested by
Host: ing-id-security.net
URL: https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:14:37 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194828
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Mon, 10 Jan 2022 20:41:12 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQtJxiOSWFgWv7d9Yfk2PJdWt3XVDdB735vYSSJ533oXF1dKNUCtnU2GEPZP9Id5djrQNt7C%2B1V1vaufk0TNuWK%2BTMVmugLP4cYY6oJFmn4a1luA7nHeBDGez5XKbRGui7ep7NdU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8725bf630c818dea-MIA
expires
Wed, 08 May 2024 15:07:29 GMT
load.svg
ing-id-security.net/global/images/ 		599 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ing-id-security.net/global/images/load.svg
Requested by
Host: ing-id-security.net
URL: https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df5c5dec6d29dbdc93f7744e6f52cb4f985aa25d9824e2730e3b7a8c82f9b03
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:14:38 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194828
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Mon, 01 Apr 2024 01:05:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZrvF%2ByW0wBZMCClVDhrImaYPPZpOH9vCgA0AYl0Frad8TzG2XvezWBEX4Bi%2BrWjku%2FAe7OuCtQrQOnVp7UuPLem4FGwumwzljUsFCI31IU6PWvs6zcoQ%2Fv7H5yMSpaC2o2iSxpgf"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=5184000
cf-ray
8725bf643e168dea-MIA
expires
Fri, 07 Jun 2024 15:07:30 GMT
jquery.mask.js
ing-id-security.net/global/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ing-id-security.net/global/js/jquery.mask.js
Requested by
Host: ing-id-security.net
URL: https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:14:38 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194829
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Mon, 08 May 2023 19:58:08 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sf5xDniZbfHPo7s0Atb6t4z5EVHlrvIucxMzaXwHEnJ4Oh90RpF00Zpg1NMekEW8DlObwIK9xAGeolkx2MvHDvcIQGTt%2BbCRPl6fOosc%2FGx25PMfgHb6RwQOzYaKldq%2BI8ZtME50"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8725bf647e728dea-MIA
expires
Wed, 08 May 2024 15:07:29 GMT
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
589bcf0a66f7b2c6c5915a5cab6df25f483ba127efdb7a8fa00fdda3969a2a75

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		930 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f37c7a03ba5af9eb40a852e051d94a259bc84ce907fdd834e811efea05351482

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		997 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c85b89d8bbb35d3359a92c22d1194e8f6ad284a9524d9a34c037278f46c63073

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		991 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d532a843218d92d93c7187f0797f3e5aa78c0b10cef5e4d7fb81b38e18c7f5f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb0b349c967acc71d980a7c353deeead5b21ba6859ed3f140f12b94a674319f1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b9e29a1c4ca17f5be5155103d94e3944ae8d1da221db629cde0a963a59ac29c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e654abfa657a2744f263e28a18fb627e38255db60bcb250827dbb4d35eb263c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1007 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
614a027b8cd0bea1683b943046c689ffde84368adcbd1fae4ccda7c69bdb7789

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de66c298342d6307fa117c6ba9e72c713fcef7a9c9caab4f6bf1c1952d1bb37b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ef800acf044f7375b3fc4c212918a51cc479f2a288b3e33b0b9be8e83f0d7dc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db86be10b749c701b569e189682c34cfd564fffccf20ac73eeac34f2fdddcbb3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2383ddee021928b39d403a80c1a658c8c44e25ca1f142f1c9e69d409e0163cf7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a45ebf28139bdbada821c201ec140c45959d10c017e054886cc641b64b0ddc12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a0a7668aaa847d33f49023d0982c6331bc9705cad2586eccb8086a680ef534c

Request headers

Referer
Origin
https://ing-id-security.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
font/x-woff
truncated
/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5cb35bd410aba4b717a1cc46814a88b50ff311f9514630dffa3480cb43b92e0

Request headers

Referer
Origin
https://ing-id-security.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
font/x-woff
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a5dcb11702a8f849ec2a0051acf4a3861c6a0c08d29d6bd064cb0ed10ba4609

Request headers

Referer
Origin
https://ing-id-security.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
font/x-woff
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8074872912ecf763ea36a40e7e360c03bb1490098166cbb7cb0f4684df58947

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f61a1d17a23098dc105814179d444e39b1bf567d6a4bc2292fb63b21ed20997

Request headers

Referer
Origin
https://ing-id-security.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
font/x-woff
favicon.png
ing-id-security.net/global/images/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ing-id-security.net/global/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ebb414e7f7e5beaac0086de794e3b97c01017abcbdf96a775e1dcd754326196
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:14:38 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194828
alt-svc
h3=":443"; ma=86400
content-length
4308
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Sun, 31 Mar 2024 16:26:02 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gW%2B9gzGgJL14wrvlR8tu87IZfMr0UpM4xZ%2BLCpKhoHtIHVm%2B0Xc5fZdc2IYphr4cbl0kHvD1m%2FMXErbrzAehJuzbudrhj1oh8YWPfR4jIOdFDovjtHEfOnQOpeMMOMyOikoaC21e"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
8725bf65c8148dea-MIA
expires
Fri, 07 Jun 2024 15:07:30 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| sub function| xd undefined| request

15 Cookies

Domain/Path Name / Value
ing-id-security.net/ Name: OGp231JICjT-xhsG3JN_3N-oTyg
Value: gPltfxv_pK45TRtoro6AWepIeHs
ing-id-security.net/ Name: oABR4cka6QpAIZCQaQNwi1ycuOY
Value: 1712783672
ing-id-security.net/ Name: qul4gkklrWvTQ5eqz2bdhMC5erM
Value: 1712870072
ing-id-security.net/ Name: 39RHsHdZDWGx4qbE4x4g4Q3jVME
Value: yCfKQTM6DHvK9WLXb7XqEbmQ_GI
ing-id-security.net/ Name: kgJQb9Y_5GY8lXbpXR9dMrNCa8M
Value: ouISElAfhQ1uAknFu-XuuPOAghs
.ing-id-security.net/ Name: cf_clearance
Value: avPbSza9Y.WwB1nuXYRsLZfYsDluUjvkNjRYyM9zhHo-1712783675-1.0.1.1-x9uxpAbGJosgpyQQUXHlqbOookk0hxdZOM_jOhaqmzknQwxJ1pkHOyvrWPI7C3pezTm4f1fg1rXSYI1D2JMeeg
ing-id-security.net/ Name: 3cGsfyVQj_C7gmaIK9YSfikQurs
Value: M6vQvKTShzyONKldVy_kihWAaEk
ing-id-security.net/ Name: Nw5aSifenv6pDtThJ1aFCFxpB_k
Value: 1712783674
ing-id-security.net/ Name: pYFAZGXaMkb376myv8KgaYBdrqc
Value: 1712870074
ing-id-security.net/ Name: E-QCgUBk9qKzW23A37rQ55546rw
Value: UuIsMfQH8XUzcVxTiXfDkcdhrkw
ing-id-security.net/ Name: _EiklCf2ZVyvkTGmwzswQRPd-CY
Value: CTG0u9pJx5rMa_A_a1qU7Ha3FEw
ing-id-security.net/ Name: 3UTeRTf4kTGmtoo3KIaT4qjKD2I
Value: 1712783675
ing-id-security.net/ Name: 3ZRHjLEFVxbp-SJ_YASFwI3z5M8
Value: 1712870075
ing-id-security.net/ Name: bpM8O61nilMNJ169A4VFdQUbX3E
Value: 9Zp3Ay7Mm2ghTfAF_9ftwhmyTdU
ing-id-security.net/ Name: PHPSESSID
Value: b0ccad2b2a5828b05f49d40928cab6f7

5 Console Messages

Source Level URL
Text
network error URL: https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://ing-id-security.net/global/login.php?acc=un7surcb7yapfttfijmbwjvuzsh9iqg1cd38yyiubqaqc9xcomnbfbuuk5ktqz929iwv5biedix4mq3v2sf8zcutirdfrss9avuz3a6is25eld7vxba4swnah7rt
Message:
Failed to load resource: the server responded with a status of 503 ()
recommendation verbose URL: https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://ing-id-security.net/global/login.php?acc=dHgnfJL69oVAeT5IYIUPQ4wzt0EbMjtHGamHB9XDm0kql0ukKnxPSreSSDXNxJS8vlnXMDT53igYPhyf8ycWzYam8rh5dm4AgeBLsMlxITFogdAkel0o4DfHmhGm
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ing-id-security.net
172.67.180.126
2606:4700:3036::6815:53b6
2383ddee021928b39d403a80c1a658c8c44e25ca1f142f1c9e69d409e0163cf7
29f23729c180042e6a5043cfa7aefb11cb972dad4ea5f5a21aa5e1cc6c796b41
2a5dcb11702a8f849ec2a0051acf4a3861c6a0c08d29d6bd064cb0ed10ba4609
2f3b5b1003b11e6865afa7179d190d82f8a774b52920b745c873b2d412956f75
3b9e29a1c4ca17f5be5155103d94e3944ae8d1da221db629cde0a963a59ac29c
3df5c5dec6d29dbdc93f7744e6f52cb4f985aa25d9824e2730e3b7a8c82f9b03
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
4a0a7668aaa847d33f49023d0982c6331bc9705cad2586eccb8086a680ef534c
4e654abfa657a2744f263e28a18fb627e38255db60bcb250827dbb4d35eb263c
4ef800acf044f7375b3fc4c212918a51cc479f2a288b3e33b0b9be8e83f0d7dc
589bcf0a66f7b2c6c5915a5cab6df25f483ba127efdb7a8fa00fdda3969a2a75
5d532a843218d92d93c7187f0797f3e5aa78c0b10cef5e4d7fb81b38e18c7f5f
614a027b8cd0bea1683b943046c689ffde84368adcbd1fae4ccda7c69bdb7789
68a2a0a5c64a1db4728fdbab9865a05e112aceb73b6530d5352047a3c93d6095
7331f5021f02d6917341ef54413c89d3eebcac7dbcdc2c8f2fdda1f605c08b1a
7f61a1d17a23098dc105814179d444e39b1bf567d6a4bc2292fb63b21ed20997
9ebb414e7f7e5beaac0086de794e3b97c01017abcbdf96a775e1dcd754326196
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
a45ebf28139bdbada821c201ec140c45959d10c017e054886cc641b64b0ddc12
b8074872912ecf763ea36a40e7e360c03bb1490098166cbb7cb0f4684df58947
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c85b89d8bbb35d3359a92c22d1194e8f6ad284a9524d9a34c037278f46c63073
db86be10b749c701b569e189682c34cfd564fffccf20ac73eeac34f2fdddcbb3
de66c298342d6307fa117c6ba9e72c713fcef7a9c9caab4f6bf1c1952d1bb37b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cb35bd410aba4b717a1cc46814a88b50ff311f9514630dffa3480cb43b92e0
f37c7a03ba5af9eb40a852e051d94a259bc84ce907fdd834e811efea05351482
fb0b349c967acc71d980a7c353deeead5b21ba6859ed3f140f12b94a674319f1