web13137.cweb06.gamingcontrol.de Open in urlscan Pro
45.81.232.20 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://web13137.cweb06.gamingcontrol.de/
Submission: On September 27 via automatic, source openphish (September 27th 2024, 1:18:57 pm UTC) — Scanned from DE

Summary HTTP 18 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 45.81.232.20, located in Germany and belongs to SYNLINQ synlinq.de, DE. The main domain is web13137.cweb06.gamingcontrol.de.
TLS certificate: Issued by R10 on September 26th 2024. Valid for: 3 months.

This is the only time web13137.cweb06.gamingcontrol.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address	AS Autonomous System
17	45.81.232.20 45.81.232.20	44486 (SYNLINQ s...) (SYNLINQ synlinq.de)
1	145.221.42.211 145.221.42.211	15625 (ING-AS Am...) (ING-AS Amsterdam)
18	3

17 45.81.232.20 (Germany)

ASN44486 (SYNLINQ synlinq.de, DE)
PTR: cweb06.gamingcontrol.de

web13137.cweb06.gamingcontrol.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.221.42.211 (Netherlands)

ASN15625 (ING-AS Amsterdam, NL)

ebanking.ing.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gamingcontrol.de web13137.cweb06.gamingcontrol.de	142 KB
1	ing.be ebanking.ing.be — Cisco Umbrella Rank: 404445	10 KB
18	2

	Domain	Requested by
17	web13137.cweb06.gamingcontrol.de	web13137.cweb06.gamingcontrol.de
1	ebanking.ing.be
18	2

This site contains links to these domains. Also see Links.

Domain
www.ing.nl
ing.be
undefined
www.ing.be

Subject Issuer	Validity	Valid
web13137.cweb06.gamingcontrol.de R10	`2024-09-26` - `2024-12-25`	3 months	crt.sh
ebanking.ing.be Entrust Certification Authority - L1M	`2024-03-22` - `2025-04-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://web13137.cweb06.gamingcontrol.de/
Frame ID: A1996EC2AF01DE306CC63D184965F32B
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aanmelden in Home’Bank | ING België

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

152 kB
Transfer

302 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ing.nl/

Search URL Search Domain Scan URL

URL: https://ing.be/nl

Search URL Search Domain Scan URL

URL: https://undefined/
Title: Particulier

Search URL Search Domain Scan URL

URL: https://www.ing.be/nl/retail/my-news/online-security/security
Title: Online veiligheid

Search URL Search Domain Scan URL

URL: https://www.ing.be/static/legacy/SiteCollectionDocuments/privacyhomebanknl.pdf
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.ing.be/static/legacy/SiteCollectionDocuments/GeneralRegulationsNewNL.pdf
Title: Algemeen Reglement der Verrichtingen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
web13137.cweb06.gamingcontrol.de/ 158 KB
26 KB 1105ms
27ms Document
text/html 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx / PleskLin
Resource Hash: 2d0525ca6d900909500bf3f402bd7cedef15f2593370b0ae182e2b5a8c1e0248

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Fri, 27 Sep 2024 13:19:05 GMT
ETag: W/"66f5b256-27966"
Last-Modified: Thu, 26 Sep 2024 19:13:26 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PleskLin

GET
H/1.1 200
OK global.css
web13137.cweb06.gamingcontrol.de/file/ 4 KB
1 KB 16ms
13ms Stylesheet
text/css 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/file/global.css
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx / PleskLin
Resource Hash: 4962d901d1291eae5d56389c299d251b15f060c20fc267c6532eb604fd8fa6d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"5fa1d486-fb0"
Connection: keep-alive
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: text/css
Last-Modified: Tue, 03 Nov 2020 22:07:02 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK ing-auth-type-tabs.css
web13137.cweb06.gamingcontrol.de/file/ 583 B
645 B 29ms
13ms Stylesheet
text/css 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/file/ing-auth-type-tabs.css
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx / PleskLin
Resource Hash: 6dd286f92103045918f261d2bda10e085b662eaff2c141b6fe66ee55fd5c2dcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

X-Powered-By: PleskLin
Content-Encoding: gzip
ETag: "247-5b33aaf2d2600-gzip"
X-Accel-Version: 0.01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 311
Date: Fri, 27 Sep 2024 13:19:05 GMT
Last-Modified: Tue, 03 Nov 2020 21:38:32 GMT
Content-Type: text/css
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK hyper-elements.css
web13137.cweb06.gamingcontrol.de/file/ 10 KB
3 KB 43ms
25ms Stylesheet
text/css 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/file/hyper-elements.css
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx / PleskLin
Resource Hash: 1104b95c05236b360074079580618ab70c9da040b9ac6adf1f95a81aed0e87b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"5fa1cdd6-2747"
Connection: keep-alive
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: text/css
Last-Modified: Tue, 03 Nov 2020 21:38:30 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK ing-logo.svg
web13137.cweb06.gamingcontrol.de/file/ 11 KB
12 KB 42ms
25ms Image
image/svg+xml 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web13137.cweb06.gamingcontrol.de/file/ing-logo.svg
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx / PleskLin
Resource Hash: da4638536ea61163947d415fce63a19e4c7be592fe76908e9dac19eb35e5ea8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

ETag: "5fa1cdd8-2d3d"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11581
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 03 Nov 2020 21:38:32 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK be-means-cap-ucr-icon.png
web13137.cweb06.gamingcontrol.de/file/ 3 KB
3 KB 45ms
21ms Image
image/png 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web13137.cweb06.gamingcontrol.de/file/be-means-cap-ucr-icon.png
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx / PleskLin
Resource Hash: d86cf7f5bd28cd9c1f25fd2b5e0f6e0a5a1bdbf9253d0252e67072834f0d1e59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

ETag: "5fa26be4-b6f"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2927
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: image/png
Last-Modified: Wed, 04 Nov 2020 08:52:52 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK RichIcons_CardReader%20-%20SCR.svg
web13137.cweb06.gamingcontrol.de/file/ 12 KB
12 KB 12ms
11ms Image
image/svg+xml 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web13137.cweb06.gamingcontrol.de/file/RichIcons_CardReader%20-%20SCR.svg
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx / PleskLin
Resource Hash: 651d90d1602614797adbbf2cf30f36ffa7e416a0d197b56b94b581a9e4fb58a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

ETag: "5fa26c74-3029"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12329
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 04 Nov 2020 08:55:16 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK ing-logo.svg
web13137.cweb06.gamingcontrol.de/file/ 11 KB
0 0ms
0ms Image
image/svg+xml 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web13137.cweb06.gamingcontrol.de/file/ing-logo.svg
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx / PleskLin
Resource Hash: da4638536ea61163947d415fce63a19e4c7be592fe76908e9dac19eb35e5ea8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

ETag: "5fa1cdd8-2d3d"
Accept-Ranges: bytes
Content-Length: 11581
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 03 Nov 2020 21:38:32 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK ING_Lion_Reversed.svg
web13137.cweb06.gamingcontrol.de/file/ 25 KB
26 KB 12ms
12ms Image
image/svg+xml 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web13137.cweb06.gamingcontrol.de/file/ING_Lion_Reversed.svg
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx / PleskLin
Resource Hash: 73631982420d832d6c978e527ae58ff765b91eeb1d9a16e30c44bc00a03e2e91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

ETag: "5fa264a4-6567"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25959
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 04 Nov 2020 08:21:56 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 404
Not Found INGMeWeb-Regular.woff2
web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Regular/ 0
0 12ms
12ms Font
text/html 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Regular/INGMeWeb-Regular.woff2
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://web13137.cweb06.gamingcontrol.de
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"328-6230e14c04860"
Connection: keep-alive
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: text/html
Last-Modified: Thu, 26 Sep 2024 23:27:24 GMT
Server: nginx

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H/1.1 404
Not Found INGMeWeb-Bold.woff2
web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Bold/ 0
0 12ms
12ms Font
text/html 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Bold/INGMeWeb-Bold.woff2
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://web13137.cweb06.gamingcontrol.de
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"328-6230e14c04860"
Connection: keep-alive
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: text/html
Last-Modified: Thu, 26 Sep 2024 23:27:24 GMT
Server: nginx

GET
H/1.1 404
Not Found INGMeWeb-Regular.woff
web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Regular/ 0
0 12ms
11ms Font
text/html 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Regular/INGMeWeb-Regular.woff
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://web13137.cweb06.gamingcontrol.de
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"328-6230e14c04860"
Connection: keep-alive
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: text/html
Last-Modified: Thu, 26 Sep 2024 23:27:24 GMT
Server: nginx

GET
H/1.1 404
Not Found INGMeWeb-Bold.woff
web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Bold/ 0
0 18ms
14ms Font
text/html 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Bold/INGMeWeb-Bold.woff
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://web13137.cweb06.gamingcontrol.de
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"328-6230e14c04860"
Connection: keep-alive
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: text/html
Last-Modified: Thu, 26 Sep 2024 23:27:24 GMT
Server: nginx

GET
H/1.1 404
Not Found INGMeWeb-Regular.ttf
web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Regular/ 0
0 25ms
23ms Font
text/html 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Regular/INGMeWeb-Regular.ttf
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://web13137.cweb06.gamingcontrol.de
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"328-6230e14c04860"
Connection: keep-alive
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: text/html
Last-Modified: Thu, 26 Sep 2024 23:27:24 GMT
Server: nginx

GET
H/1.1 404
Not Found INGMeWeb-Bold.ttf
web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Bold/ 0
0 12ms
11ms Font
text/html 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Bold/INGMeWeb-Bold.ttf
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://web13137.cweb06.gamingcontrol.de
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"328-6230e14c04860"
Connection: keep-alive
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: text/html
Last-Modified: Thu, 26 Sep 2024 23:27:24 GMT
Server: nginx

GET
H/1.1 200
OK INGMeWeb-Regular.woff2
web13137.cweb06.gamingcontrol.de/font/ 29 KB
29 KB 25ms
25ms Font
font/woff2 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/font/INGMeWeb-Regular.woff2
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/file/global.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx / PleskLin
Resource Hash: f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://web13137.cweb06.gamingcontrol.de
Referer: https://web13137.cweb06.gamingcontrol.de/file/global.css

Response headers

ETag: "5fa1d3f6-73b0"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29616
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: font/woff2
Last-Modified: Tue, 03 Nov 2020 22:04:38 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK INGMeWeb-Bold.woff2
web13137.cweb06.gamingcontrol.de/font/ 30 KB
30 KB 11ms
10ms Font
font/woff2 45.81.232.20
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web13137.cweb06.gamingcontrol.de/font/INGMeWeb-Bold.woff2
Requested by: Host: web13137.cweb06.gamingcontrol.de
URL: https://web13137.cweb06.gamingcontrol.de/file/global.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.81.232.20 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: cweb06.gamingcontrol.de
Software: nginx / PleskLin
Resource Hash: 3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://web13137.cweb06.gamingcontrol.de
Referer: https://web13137.cweb06.gamingcontrol.de/file/global.css

Response headers

ETag: "5fa1d422-76f8"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30456
Date: Fri, 27 Sep 2024 13:19:05 GMT
Content-Type: font/woff2
Last-Modified: Tue, 03 Nov 2020 22:05:22 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK favicon.ico
ebanking.ing.be/login/assets/images/favicons/ 7 KB
10 KB 228ms
70ms Other
image/x-icon 145.221.42.211
ING-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://ebanking.ing.be/login/assets/images/favicons/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.221.42.211 , Netherlands, ASN15625 (ING-AS Amsterdam, NL),

Reverse DNS

Software

Resource Hash

cf7fa75dfa95e4cdff567a10c10186d7a5bf7bba10e6022b8669e76594a150aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self' data: https://cdn.ing.com; base-uri 'self'; object-src blob:; frame-ancestors 'self' api.ebanking.ing.be; form-action 'self' api.ebanking.ing.be; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.ebanking.ing.be https://.ing.be https://.twilio.com wss://.twilio.com https://jsmon.ingbank.nl https://.jsmon.ingbank.nl https://cdn.ing.com https://storage.googleapis.com https://assets.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data: https://cdn.ing.com https://*.dealwise.app; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' api.ebanking.ing.be data: https://cdn.ing.com; frame-src 'self' blob: api.ebanking.ing.be https://cdn.ing.com https://aweucn1-3.advanced-web-analytics.com; media-src data: https://cdn.ing.com https://assets.ing.com;
Strict-Transport-Security	max-age=31622400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://web13137.cweb06.gamingcontrol.de/

Response headers

Strict-Transport-Security: max-age=31622400; includeSubDomains
Content-Security-Policy: default-src 'self'; font-src 'self' data: https://cdn.ing.com; base-uri 'self'; object-src blob:; frame-ancestors 'self' api.ebanking.ing.be; form-action 'self' api.ebanking.ing.be; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.ebanking.ing.be https://*.ing.be https://*.twilio.com wss://*.twilio.com https://jsmon.ingbank.nl https://*.jsmon.ingbank.nl https://cdn.ing.com https://storage.googleapis.com https://assets.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data: https://cdn.ing.com https://*.dealwise.app; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' api.ebanking.ing.be data: https://cdn.ing.com; frame-src 'self' blob: api.ebanking.ing.be https://cdn.ing.com https://aweucn1-3.advanced-web-analytics.com; media-src data: https://cdn.ing.com https://assets.ing.com;
Cache-Control: no-cache
ETag: "FC5A71057AFF405E"
Connection: keep-alive
X-Content-Type-Options: nosniff
X-ING-Response-ID: 69b5884b2336787cc00531675e5eee0c
Document-Policy: js-profiling
Content-Length: 7406
Date: Fri, 27 Sep 2024 13:18:51 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/x-icon
Last-Modified: Tue, 24 Sep 2024 10:17:17 GMT
X-Frame-Options: sameorigin

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Regular/INGMeWeb-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Bold/INGMeWeb-Bold.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Regular/INGMeWeb-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Bold/INGMeWeb-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Regular/INGMeWeb-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://web13137.cweb06.gamingcontrol.de/bower_components/ing-uif-styles/assets/INGMe/Bold/INGMeWeb-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ebanking.ing.be
web13137.cweb06.gamingcontrol.de
145.221.42.211
45.81.232.20
1104b95c05236b360074079580618ab70c9da040b9ac6adf1f95a81aed0e87b6
2d0525ca6d900909500bf3f402bd7cedef15f2593370b0ae182e2b5a8c1e0248
3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e
4962d901d1291eae5d56389c299d251b15f060c20fc267c6532eb604fd8fa6d8
651d90d1602614797adbbf2cf30f36ffa7e416a0d197b56b94b581a9e4fb58a8
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6dd286f92103045918f261d2bda10e085b662eaff2c141b6fe66ee55fd5c2dcb
73631982420d832d6c978e527ae58ff765b91eeb1d9a16e30c44bc00a03e2e91
cf7fa75dfa95e4cdff567a10c10186d7a5bf7bba10e6022b8669e76594a150aa
d86cf7f5bd28cd9c1f25fd2b5e0f6e0a5a1bdbf9253d0252e67072834f0d1e59
da4638536ea61163947d415fce63a19e4c7be592fe76908e9dac19eb35e5ea8f
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155

web13137.cweb06.gamingcontrol.de Open in urlscan Pro 45.81.232.20 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

152 kBTransfer

302 kBSize

0 Cookies

6 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

web13137.cweb06.gamingcontrol.de Open in urlscan Pro
45.81.232.20 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

152 kB
Transfer

302 kB
Size

0
Cookies

18 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!