mijning-pas.top Open in urlscan Pro
47.254.158.195  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request inloggen.html Show response mijning-pas.top/servlet/	16 KB 4 KB	1143ms 70ms	Document text/html	47.254.158.195 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://mijning-pas.top/servlet/inloggen.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.254.158.195 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash f538bd56ac8a9173e623c5a4e1dfa06ca258945645ecdccbf29b05c7134c7376 Request headers Host mijning-pas.top Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers Server nginx Date Tue, 22 Oct 2019 09:22:48 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Last-Modified Tue, 22 Oct 2019 07:38:09 GMT ETag W/"5daeb1e1-4082" Expires Thu, 31 Dec 2037 23:55:55 GMT Cache-Control max-age=315360000 Content-Encoding gzip
GET H2	200	style-z-1.0.0.css inlogcodes.mijn.ing.nl/static/web/cms/css/	61 KB 62 KB	84ms 16ms	Stylesheet text/css	145.221.213.245 ING-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://inlogcodes.mijn.ing.nl/static/web/cms/css/style-z-1.0.0.css Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 145.221.213.245 , Netherlands, ASN15625 (ING-AS Amsterdam, NL), Reverse DNS Software / Resource Hash 7db71d94629ea96dfd3466b81cb7c9cd11567fc3ee4b68bdb22045655a219c22 Security Headers Name Value Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://mijning-pas.top/servlet/inloggen.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 22 Oct 2019 09:22:48 GMT x-content-type-options nosniff last-modified Wed, 14 Aug 2019 10:07:55 GMT x-frame-options deny etag "20839-f245-59010ee5115b5" content-security-policy-report-only default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.inlogcodes.mijn.ing.nl; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' content-type text/css status 200 x-cnection close strict-transport-security max-age=31622400; includeSubDomains accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	authentication.css inlogcodes.mijn.ing.nl/static/css/custom/	423 B 1 KB	97ms 30ms	Stylesheet text/css	145.221.213.245 ING-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://inlogcodes.mijn.ing.nl/static/css/custom/authentication.css Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 145.221.213.245 , Netherlands, ASN15625 (ING-AS Amsterdam, NL), Reverse DNS Software / Resource Hash b15995397788d8f72a4877b1b390f55e16acb2c63799e6258d2a0df539dc3d66 Security Headers Name Value Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://mijning-pas.top/servlet/inloggen.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 22 Oct 2019 09:22:48 GMT x-content-type-options nosniff last-modified Mon, 03 Sep 2018 14:54:23 GMT x-frame-options deny etag "80363-1a7-574f8b781c5c0" content-security-policy-report-only default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.inlogcodes.mijn.ing.nl; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' content-type text/css status 200 x-cnection close strict-transport-security max-age=31622400; includeSubDomains accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	require.js Show response inlogcodes.mijn.ing.nl/static/js/	14 KB 15 KB	98ms 30ms	Script text/javascript	145.221.213.245 ING-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://inlogcodes.mijn.ing.nl/static/js/require.js Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 145.221.213.245 , Netherlands, ASN15625 (ING-AS Amsterdam, NL), Reverse DNS Software / Resource Hash ac1ee99d5203f41fd2842d6532d0cff229a6bcb8ed96adb25c858eae73eb22cf Security Headers Name Value Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://mijning-pas.top/servlet/inloggen.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 22 Oct 2019 09:22:48 GMT x-content-type-options nosniff last-modified Mon, 03 Sep 2018 14:55:06 GMT x-frame-options deny etag "803cc-369a-574f8ba11e680" content-security-policy-report-only default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.inlogcodes.mijn.ing.nl; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' content-type text/javascript status 200 x-cnection close strict-transport-security max-age=31622400; includeSubDomains accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	jquery-1.10.1.min.js Show response inlogcodes.mijn.ing.nl/static/js/packages/	91 KB 92 KB	98ms 31ms	Script text/javascript	145.221.213.245 ING-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://inlogcodes.mijn.ing.nl/static/js/packages/jquery-1.10.1.min.js Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 145.221.213.245 , Netherlands, ASN15625 (ING-AS Amsterdam, NL), Reverse DNS Software / Resource Hash 4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79 Security Headers Name Value Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://mijning-pas.top/servlet/inloggen.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 22 Oct 2019 09:22:48 GMT x-content-type-options nosniff last-modified Mon, 03 Sep 2018 14:54:43 GMT x-frame-options deny etag "200cd-16b88-574f8b8b2f2c0" content-security-policy-report-only default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.inlogcodes.mijn.ing.nl; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' content-type text/javascript status 200 x-cnection close strict-transport-security max-age=31622400; includeSubDomains accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	08101220.the-guide-styles.min.css inlogcodes.mijn.ing.nl/assets/web/ng/restricted/css/	524 KB 529 KB	110ms 43ms	Stylesheet text/css	145.221.213.245 ING-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/css/08101220.the-guide-styles.min.css Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 145.221.213.245 , Netherlands, ASN15625 (ING-AS Amsterdam, NL), Reverse DNS Software / Resource Hash 99789625286baf3634bb0d0209a1c3efc75d7b1358b5ddfe33e3e782630c8041 Security Headers Name Value Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://mijning-pas.top/servlet/inloggen.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 22 Oct 2019 09:22:48 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 08:22:02 GMT cache-control public, max-age=600, s-maxage=600 x-frame-options deny content-type text/css status 200 x-cnection close strict-transport-security max-age=31622400; includeSubDomains accept-ranges bytes content-security-policy-report-only default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.inlogcodes.mijn.ing.nl; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' x-xss-protection 1; mode=block
GET H2	200	87fbd43f.angular-all.js Show response inlogcodes.mijn.ing.nl/assets/web/ng/restricted/js/lib/	196 KB 198 KB	98ms 31ms	Script text/javascript	145.221.213.245 ING-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/js/lib/87fbd43f.angular-all.js Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 145.221.213.245 , Netherlands, ASN15625 (ING-AS Amsterdam, NL), Reverse DNS Software / Resource Hash 836b4b3a79d1fc82577eac6bc25f1add9d5fa74435f5cc6667a9e88f0e97a828 Security Headers Name Value Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://mijning-pas.top/servlet/inloggen.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 22 Oct 2019 09:22:48 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 08:22:02 GMT cache-control public, max-age=600, s-maxage=600 x-frame-options deny content-type text/javascript status 200 x-cnection close strict-transport-security max-age=31622400; includeSubDomains accept-ranges bytes content-security-policy-report-only default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.inlogcodes.mijn.ing.nl; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' x-xss-protection 1; mode=block
GET H2	200	91ac1745.webtrekk_v4.js Show response inlogcodes.mijn.ing.nl/assets/web/ng/restricted/js/lib/	61 KB 62 KB	97ms 31ms	Script text/javascript	145.221.213.245 ING-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/js/lib/91ac1745.webtrekk_v4.js Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 145.221.213.245 , Netherlands, ASN15625 (ING-AS Amsterdam, NL), Reverse DNS Software / Resource Hash 8eb0c46de24bf417a2aa02c8cf9e6e930196dabd8da1654b2e5b03d3e3156511 Security Headers Name Value Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://mijning-pas.top/servlet/inloggen.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 22 Oct 2019 09:22:48 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 08:22:02 GMT cache-control public, max-age=600, s-maxage=600 x-frame-options deny content-type text/javascript status 200 x-cnection close strict-transport-security max-age=31622400; includeSubDomains accept-ranges bytes content-security-policy-report-only default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.inlogcodes.mijn.ing.nl; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' x-xss-protection 1; mode=block
GET H/1.1	200 OK	javascript.js Show response mijning-pas.top/servlet/source/	126 KB 34 KB	134ms 134ms	Script application/javascript	47.254.158.195 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://mijning-pas.top/servlet/source/javascript.js Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.254.158.195 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash 2ca5dab11de60360b8e8c4f2762f5ecb1b0862607c0f936b88912c6ba34d971f Request headers Sec-Fetch-Mode no-cors Referer https://mijning-pas.top/servlet/inloggen.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 22 Oct 2019 09:22:48 GMT Content-Encoding gzip Last-Modified Tue, 22 Oct 2019 07:38:11 GMT Server nginx ETag W/"5daeb1e3-1f8fc" Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript Cache-Control max-age=315360000 Transfer-Encoding chunked Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	apps.js Show response mijning-pas.top/servlet/source/	0 314 B	66ms 54ms	Script application/javascript	47.254.158.195 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://mijning-pas.top/servlet/source/apps.js Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.254.158.195 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode no-cors Referer https://mijning-pas.top/servlet/inloggen.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 22 Oct 2019 09:22:48 GMT Last-Modified Tue, 22 Oct 2019 07:38:11 GMT Server nginx ETag "5daeb1e3-0" Content-Type application/javascript Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 0 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ing-icons-v4-6.woff inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/	68 KB 70 KB	47ms 17ms	Font application/font-woff	145.221.213.245 ING-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/ing-icons-v4-6.woff Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 145.221.213.245 , Netherlands, ASN15625 (ING-AS Amsterdam, NL), Reverse DNS Software / Resource Hash 3b5249aa62da52d9853ebd8a7c8f43ed84b3941f10bd6cd7eff0619889daa2d2 Security Headers Name Value Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode cors Referer https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/css/08101220.the-guide-styles.min.css Origin https://mijning-pas.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 22 Oct 2019 09:22:49 GMT content-security-policy-report-only default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.inlogcodes.mijn.ing.nl; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' last-modified Tue, 22 Oct 2019 08:22:02 GMT status 200 cache-control public, max-age=600, s-maxage=600 x-frame-options deny vary Origin content-type application/font-woff access-control-allow-origin * x-cnection close access-control-allow-credentials false x-content-type-options nosniff strict-transport-security max-age=31622400; includeSubDomains accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	INGMeWeb-Bold.woff inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/	37 KB 39 KB	74ms 44ms	Font application/font-woff	145.221.213.245 ING-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/INGMeWeb-Bold.woff Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 145.221.213.245 , Netherlands, ASN15625 (ING-AS Amsterdam, NL), Reverse DNS Software / Resource Hash e5cb35bd410aba4b717a1cc46814a88b50ff311f9514630dffa3480cb43b92e0 Security Headers Name Value Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode cors Referer https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/css/08101220.the-guide-styles.min.css Origin https://mijning-pas.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 22 Oct 2019 09:22:49 GMT content-security-policy-report-only default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.inlogcodes.mijn.ing.nl; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' last-modified Tue, 22 Oct 2019 08:22:02 GMT status 200 cache-control public, max-age=600, s-maxage=600 x-frame-options deny vary Origin content-type application/font-woff access-control-allow-origin * x-cnection close access-control-allow-credentials false x-content-type-options nosniff strict-transport-security max-age=31622400; includeSubDomains accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	INGMeWeb-Regular.woff inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/	36 KB 38 KB	47ms 18ms	Font application/font-woff	145.221.213.245 ING-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/INGMeWeb-Regular.woff Requested by Host: mijning-pas.top URL: https://mijning-pas.top/servlet/inloggen.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 145.221.213.245 , Netherlands, ASN15625 (ING-AS Amsterdam, NL), Reverse DNS Software / Resource Hash 4a0a7668aaa847d33f49023d0982c6331bc9705cad2586eccb8086a680ef534c Security Headers Name Value Strict-Transport-Security max-age=31622400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode cors Referer https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/css/08101220.the-guide-styles.min.css Origin https://mijning-pas.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 22 Oct 2019 09:22:49 GMT content-security-policy-report-only default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.inlogcodes.mijn.ing.nl; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' last-modified Tue, 22 Oct 2019 08:22:02 GMT status 200 cache-control public, max-age=600, s-maxage=600 x-frame-options deny vary Origin content-type application/font-woff access-control-allow-origin * x-cnection close access-control-allow-credentials false x-content-type-options nosniff strict-transport-security max-age=31622400; includeSubDomains accept-ranges bytes x-xss-protection 1; mode=block

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| stopRKey function| requirejs function| require function| define function| $ function| jQuery object| angular undefined| wts undefined| wt_safetagConfig object| webtrekkUnloadObjects object| webtrekkLinktrackObjects object| webtrekkHeatmapObjects function| WebtrekkV3 function| webtrekkV3 object| gLoginCredMgtWA

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

inlogcodes.mijn.ing.nl
mijning-pas.top
145.221.213.245
47.254.158.195
2ca5dab11de60360b8e8c4f2762f5ecb1b0862607c0f936b88912c6ba34d971f
3b5249aa62da52d9853ebd8a7c8f43ed84b3941f10bd6cd7eff0619889daa2d2
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
4a0a7668aaa847d33f49023d0982c6331bc9705cad2586eccb8086a680ef534c
7db71d94629ea96dfd3466b81cb7c9cd11567fc3ee4b68bdb22045655a219c22
836b4b3a79d1fc82577eac6bc25f1add9d5fa74435f5cc6667a9e88f0e97a828
8eb0c46de24bf417a2aa02c8cf9e6e930196dabd8da1654b2e5b03d3e3156511
99789625286baf3634bb0d0209a1c3efc75d7b1358b5ddfe33e3e782630c8041
ac1ee99d5203f41fd2842d6532d0cff229a6bcb8ed96adb25c858eae73eb22cf
b15995397788d8f72a4877b1b390f55e16acb2c63799e6258d2a0df539dc3d66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cb35bd410aba4b717a1cc46814a88b50ff311f9514630dffa3480cb43b92e0
f538bd56ac8a9173e623c5a4e1dfa06ca258945645ecdccbf29b05c7134c7376