my.ing-es.one
2606:4700:3037::6815:474  Malicious Activity! Public Scan

Submitted URL: http://europe-southwest1-decent-being-423303-g1.cloudfunctions.net/atualizaciontelefono/087643815/
Effective URL: https://my.ing-es.one/
Submission: On May 17 via api from NL — Scanned from NL

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3037::6815:474, located in United States and belongs to CLOUDFLARENET, US. The main domain is my.ing-es.one.
TLS certificate: Issued by GTS CA 1P5 on May 17th 2024. Valid for: 3 months.
This is the only time my.ing-es.one was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 2001:4860:480... | 15169 (GOOGLE)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 2a04:4e42::649 | 54113 (FASTLY)
9 | 172.67.132.9 | 13335 (CLOUDFLAR...)
Total: 12 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
10 | ing-es.one | my.ing-es.one | 69 KB
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 776 | 30 KB
1 | cloudfunctions.net | europe-southwest1-decent-being-423303-g1.cloudfunctions.net | 202 B
Total: 12 requests, 3 apex domains

Requests | Domain | Requested by
10 | my.ing-es.one | my.ing-es.one
1 | code.jquery.com | my.ing-es.one
1 | europe-southwest1-decent-being-423303-g1.cloudfunctions.net |
Total: 12 requests, 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid
misc.google.com | GTS CA 1C3 | 2024-05-06 - 2024-07-29 | 3 months
ing-es.one | GTS CA 1P5 | 2024-05-17 - 2024-08-15 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year

This page contains 1 frame:

Primary Page: https://my.ing-es.one/
Frame ID: 1818EAB8C0802CE1D2880DC1391F8B05
Requests: 12 HTTP requests in this frame

Page Title

ING - Acesso Clientes

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 12
HTTPS: 100 %
IPv6: 75 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 1
Transfer: 100 kB
Size: 249 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://europe-southwest1-decent-being-423303-g1.cloudfunctions.net/atualizaciontelefono/087643815/ HTTP 307
  • https://europe-southwest1-decent-being-423303-g1.cloudfunctions.net/atualizaciontelefono/087643815/

12 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: / | Path: europe-southwest1-decent-being-423303-g1.cloudfunctions.net/atualizaciontelefono/087643815/ | Size: 0 | x-fer: 202 B | Type: Document
Redirect Chain
  • http://europe-southwest1-decent-being-423303-g1.cloudfunctions.net/atualizaciontelefono/087643815/
  • https://europe-southwest1-decent-being-423303-g1.cloudfunctions.net/atualizaciontelefono/087643815/
General
Full URL
https://europe-southwest1-decent-being-423303-g1.cloudfunctions.net/atualizaciontelefono/087643815/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 May 2024 16:33:24 GMT
refresh
0; URL=https://my.ing-es.one/
server
Google Frontend
vary
Accept-Encoding

Redirect headers

Location
https://europe-southwest1-decent-being-423303-g1.cloudfunctions.net/atualizaciontelefono/087643815/
Non-Authoritative-Reason
HttpsUpgrades

Primary Request | Resource: / | Path: my.ing-es.one/ | Size: 3 KB | x-fer: 2 KB | Type: Document
General
Full URL
https://my.ing-es.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:474 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed2d083453ac7e194d0eb8717b1011b5f55a24e7b8a8ac93338bdd1e5d58645b

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://europe-southwest1-decent-being-423303-g1.cloudfunctions.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88550254d9660bdc-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 17 May 2024 16:33:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xq0lE%2BaJQkmS%2FNQtlf2RAhtuSx7QD4DjaJ3B8lXamy63VpCQHJ%2BAMqtsqIi2hYw7ln6hNlpTJEBnVFXJdgCZ2WRh1jaCfwktEgDx6LWS357PO2rmifHPt%2FTrus%2FrJwiZb4IAtTGvbRQZobja"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Cookie

Resource: jquery-3.6.0.min.js | Path: code.jquery.com/ | Size: 87 KB | x-fer: 30 KB | Type: Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: my.ing-es.one
URL: https://my.ing-es.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.ing-es.one/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 16:33:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1819787
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-mad22042-MAD
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1715963606.896537,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
67, 42918

Resource: app.js | Path: my.ing-es.one/static/js/ | Size: 9 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://my.ing-es.one/static/js/app.js
Requested by
Host: my.ing-es.one
URL: https://my.ing-es.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2ff8320e28bc589578b9e0da39077842de0d536bb89077da549ed42a96c5ab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.ing-es.one/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 16:33:25 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 17 May 2024 15:46:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8uhWHHq598t6zYtR4W9Cniw7XkbWWRkDjEutig7obxXl77lkoZtVaYo5ZND9lNYl98hB66pEolk4e1%2BASm7AB94R8sSMDijjGpjT1gAqsM80HnousOVF9SuvzSPTSUg6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename=app.js
cf-ray
88550257ed3e0b8c-AMS
alt-svc
h3=":443"; ma=86400

Resource: main.css | Path: my.ing-es.one/static/css/ | Size: 11 KB | x-fer: 3 KB | Type: Stylesheet
General
Full URL
https://my.ing-es.one/static/css/main.css
Requested by
Host: my.ing-es.one
URL: https://my.ing-es.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4776253b113849490ce80f896b27c42b1ababdbda439c26c9b7b5adb8ab97ee7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.ing-es.one/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 16:33:25 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 17 May 2024 16:33:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HnHjT9oA7GzKWHYR%2Bzokq6QT2vHVUuGhSU1maiWql2w8xcJ2ra5Buly0pIZg%2FM9Pu4RXIPfNrtSVf%2FGzTWHii%2Bz%2F5omeEQ0ULB4DoLJdD4QkAdLUI5wnn%2Fj%2BfFj8nHQ8"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename=main.css
cf-ray
88550257ed410b8c-AMS
alt-svc
h3=":443"; ma=86400

Resource: e3f40009f3551a33351ee943b8654cbb.svg | Path: my.ing-es.one/static/img/ | Size: 37 KB | x-fer: 9 KB | Type: Image
General
Full URL
https://my.ing-es.one/static/img/e3f40009f3551a33351ee943b8654cbb.svg
Requested by
Host: my.ing-es.one
URL: https://my.ing-es.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a77d762d62e1948dd5c2346672422e68cea346657fe350c42a30705721100cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.ing-es.one/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 16:33:25 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2024 13:52:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLdqJcalDB%2F8JSQqeRRTtLgPLzgd6hDIWuJWO8Ao1GdedHeQu3S1j7z1P4fHvRPeoUlpakqZShNEr6yzjQrSHoVjqzkm1X08wYKB8NVxQYAxbCeQtG%2B5YoibgnSPR2aq"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename=e3f40009f3551a33351ee943b8654cbb.svg
cf-ray
88550257ed450b8c-AMS
alt-svc
h3=":443"; ma=86400

Resource: phone.png | Path: my.ing-es.one/static/img/ | Size: 2 KB | x-fer: 3 KB | Type: Image
General
Full URL
https://my.ing-es.one/static/img/phone.png
Requested by
Host: my.ing-es.one
URL: https://my.ing-es.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e1a37b95093d60f23028c3698d8f8d7c0591211add4d854ac1925a75a0ca006

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.ing-es.one/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 16:33:25 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2024 13:52:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRSbybIpnV2HKOq9JVVAk6CbspM2btZsNelVu5kyCYj5ODuH03KdFWArPFiSJ0YiAagaanfv6Y2FjtJobXVYvp3C22LeQ8hs%2F9eF6HQLXEbODnm1dSHn%2FpH550817SI7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
content-disposition
inline; filename=phone.png
accept-ranges
bytes
cf-ray
88550257ed480b8c-AMS
alt-svc
h3=":443"; ma=86400
content-length
2290

Resource: ing-lion-reversed.svg | Path: my.ing-es.one/static/img/ | Size: 27 KB | x-fer: 12 KB | Type: Image
General
Full URL
https://my.ing-es.one/static/img/ing-lion-reversed.svg
Requested by
Host: my.ing-es.one
URL: https://my.ing-es.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3c4d3e255d73ca9e57959f5860c8357dbfad51249a6ee5a969c0d75f38f462

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.ing-es.one/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 16:33:25 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2024 13:52:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FcnCdqx%2Flo11NaU0dO83G4DQ%2Fi2QU3EFRupBYqiY98zwRqPcCvKNP9QwtEm2l1PvxIr6f6pzjNkGFr6UM%2BTSwcLPFPBVulJ7Pg%2B9FkTEEWu2pTWlANqdj4%2ByHj1tzldo"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename=ing-lion-reversed.svg
cf-ray
88550258be270b8c-AMS
alt-svc
h3=":443"; ma=86400

Resource: question-solid.svg | Path: my.ing-es.one/static/img/ | Size: 610 B | x-fer: 877 B | Type: Image
General
Full URL
https://my.ing-es.one/static/img/question-solid.svg
Requested by
Host: my.ing-es.one
URL: https://my.ing-es.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691d574b1fbc16bd826f86b816019ac47370a0a0c4a3265399ec6264f8287979

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.ing-es.one/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 16:33:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2024 13:52:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIaEcwyMT20pzfze%2Bh5pdJeopOgol5Nqd5ubfNx3%2B%2FkTlSJC%2FIYn8Uyh7IbszLKAFoDGI1YJFQlm%2BY25VXPnKjBG1xSEPwuVR%2FsQYYZ1vmZqGwyuZ5eSt3zSeqvWJds4"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename=question-solid.svg
cf-ray
88550258de560b8c-AMS
alt-svc
h3=":443"; ma=86400

Resource: arrow.png | Path: my.ing-es.one/static/img/ | Size: 442 B | x-fer: 903 B | Type: Image
General
Full URL
https://my.ing-es.one/static/img/arrow.png
Requested by
Host: my.ing-es.one
URL: https://my.ing-es.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d5b3041f54d40189f7d2460558f4be41571d4540d41a69a15dcca00868c2d3d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.ing-es.one/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 16:33:26 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2024 13:52:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QRxTuWeBiWQ9rqYMwyD9c0qwAafGgIl3mPNaSshU9Udxt%2FhNTjaZe29Pj%2BQvdZ%2FNyX6hGUfmL1qrXqJwucNqnsiUmuPDf53XabjP6xTZsDI5t3IBSlH%2BE%2Bf%2BNkE8SvNI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
content-disposition
inline; filename=arrow.png
accept-ranges
bytes
cf-ray
885502595ecb0b8c-AMS
alt-svc
h3=":443"; ma=86400
content-length
442

Resource: INGMeWeb-Regular.woff2.ttf | Path: my.ing-es.one/static/fonts/ | Size: 70 KB | x-fer: 36 KB | Type: Font
General
Full URL
https://my.ing-es.one/static/fonts/INGMeWeb-Regular.woff2.ttf
Requested by
Host: my.ing-es.one
URL: https://my.ing-es.one/static/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7122373b0c91db1bd50e34a6709c47d26010ad37e8230d10e1cab5b72da00d4f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.ing-es.one/static/css/main.css
Origin
https://my.ing-es.one
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 16:33:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 15 May 2024 13:51:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDxtziuChmA4AKYhhfysSKkG1X6Lb%2FqHla0bb7bc9ajEjogdHYMCM0hiWojdjHfgSQiepFTNeMeWl70LfzRy6UW5QgvbYPVvAbzrp%2BG8VLRsxoXQgtGiU43bDKkUH22G"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
max-age=14400
content-disposition
inline; filename=INGMeWeb-Regular.woff2.ttf
cf-ray
885502597ed80b8c-AMS
alt-svc
h3=":443"; ma=86400

Resource: favicon16.png | Path: my.ing-es.one/static/img/ | Size: 467 B | x-fer: 927 B | Type: Other
General
Full URL
https://my.ing-es.one/static/img/favicon16.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1062898ee90d706d4c2da807ae0c8f1662a3c73b956e7ed8254b2cd4220ac194

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.ing-es.one/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 16:33:26 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 17 May 2024 10:37:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4eJVg6GUieUcdwovi73iaSjU3qWj469IBpXpVzNorr%2FvCj0C5FISSzYlMqbZ2LuHoJKr%2BjsUKj31f97DK1QxX%2Bsvw2QUHpwgr1%2FqwYToTa8kkKqqGeYTpDStvsb7LcTP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
content-disposition
inline; filename=favicon16.png
accept-ranges
bytes
cf-ray
8855025a7fdf0b8c-AMS
alt-svc
h3=":443"; ma=86400
content-length
467

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • bolinhas (object)
  • verificarCamposPreenchidos (function)
  • verificarEAlternar (function)
  • socket (undefined)
  • iniciarVerificacao (function)
  • atualizarStatusCmd (function)

1 Cookies

Domain/Path Name / Value
my.ing-es.one/ Name: session
Value: .eJw9T9luwjAQ_JWVn0AiyfrIUfPUUpUiCqpEKh6RE5zWShqjHOql_juLemhfZmdnRrNf7Kbzb73tmGaLl86_WjZjCzd8MN2OTUPYj-3Q_a-3ZrC5I5VmPI0wjgQKBRFwqaXUIib3nakv59V2ScvqkaBA5JqbKtMKBWqDUumrLE20liTZDZT5l_9EVQ7m2bYD-Tb-0zWNieIQYbJ37ZGawjYHjiHOgYhEzeE9UVO4Pp0au7fF2g1RLNNQJjBZ3-ebhxk0rrawtGXtp_DzYcSFCvEysDOV6dyvhbr0tu-NP4z9SLSnCsizwlRVEaCMy0AJrILMFDwQiTzGPE25TUv2fQaBLFyO.ZkeG1Q.6AW5-ePq3r1nuVXGcm0R_nD-axw