Submitted URL: https://meine-ing.app/
Effective URL: https://meine-ing.app/orra/information/itan
Submission: On December 17 via manual from DE — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 172.67.195.174, located in United States and belongs to CLOUDFLARENET, US. The main domain is meine-ing.app.
TLS certificate: Issued by WE1 on December 16th 2024. Valid for: 3 months.
This is the only time meine-ing.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

IP Address AS Autonomous System
1 5 172.67.195.174 13335 (CLOUDFLAR...)
4 2a02:26f0:480... 20940 (AKAMAI-AS...)
3 104.17.24.14 13335 (CLOUDFLAR...)
13 4
Apex Domain
Subdomains
Transfer
5 meine-ing.app
meine-ing.app
8 KB
4 ing.de
cdn.ing.de — Cisco Umbrella Rank: 330108
166 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
241 KB
0 wikipedia.de Failed
www.wikipedia.de Failed
13 4
Domain Requested by
5 meine-ing.app 1 redirects meine-ing.app
4 cdn.ing.de meine-ing.app
cdn.ing.de
3 cdnjs.cloudflare.com meine-ing.app
cdnjs.cloudflare.com
0 www.wikipedia.de Failed
13 4

This site contains no links.

Subject Issuer Validity Valid
meine-ing.app
WE1
2024-12-16 -
2025-03-16
3 months crt.sh
www.ing-diba.de
HydrantID Server CA O1
2024-09-20 -
2025-10-20
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh

This page contains 1 frames:

Primary Page: https://meine-ing.app/orra/information/itan
Frame ID: B072162210EEA497065C9E73E121FFB0
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

ING Login

Page URL History Show full URLs

  1. https://meine-ing.app/ Page URL
  2. http://meine-ing.app/start/itan HTTP 307
    https://meine-ing.app/start/itan HTTP 302
    http://meine-ing.app/orra/information/itan HTTP 307
    https://meine-ing.app/orra/information/itan Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

13
Requests

85 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

415 kB
Transfer

1097 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://meine-ing.app/ Page URL
  2. http://meine-ing.app/start/itan HTTP 307
    https://meine-ing.app/start/itan HTTP 302
    http://meine-ing.app/orra/information/itan HTTP 307
    https://meine-ing.app/orra/information/itan Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://meine-ing.app/favicon.ico HTTP 302
  • https://www.wikipedia.de/
Request Chain 10
  • https://meine-ing.app/favicon.ico HTTP 302
  • https://www.wikipedia.de/

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
meine-ing.app/
164 B
825 B
Document
General
Full URL
https://meine-ing.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051bdb87956ea59024d284614de68cb5dd7852deeb3ae8e46f82203d844fc1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3590f18da2dbf6-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 17 Dec 2024 08:33:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=we4Zw7azZM%2BCYi%2FDCPOGiSMFNE6LYtV8RGIXjPcIHRp0nZMU%2FPwptzHYeksXcFbmlmr%2BVLRNT0Jv9Leawz2jRizu9LXGJgQZ2BZF9uGUEX0%2B%2F7sTnYaC3lovemj%2B3UQ%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=6938&min_rtt=6744&rtt_var=1345&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4164&recv_bytes=4509&delivery_rate=865&cwnd=12000&unsent_bytes=0&cid=ffb03a7536a076a2&ts=72&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
Primary Request itan
meine-ing.app/orra/information/
Redirect Chain
  • http://meine-ing.app/start/itan
  • https://meine-ing.app/start/itan
  • http://meine-ing.app/orra/information/itan
  • https://meine-ing.app/orra/information/itan
12 KB
5 KB
Document
General
Full URL
https://meine-ing.app/orra/information/itan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bcde1fbefc1029ee1f42846b4b2cf6deb261760c28bad57f42a2058b0cfb96b

Request headers

Referer
https://meine-ing.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f3590f30955dbf6-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 17 Dec 2024 08:33:04 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brSN1KQ%2FbOBVALF3tP3uCXN9DTkwhjhJi%2BI1WGf5hVlR2JeEdsly1tB5QdRREwXcCASJZeHCi%2B2xwa4vdEUN95tMrmnCJfCfEMjHKNtbMGs0BarLiCNxGYitQlNzYwIW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8383&min_rtt=6744&rtt_var=2421&sent=19&recv=15&lost=0&retrans=0&sent_bytes=6657&recv_bytes=5817&delivery_rate=91228&cwnd=12000&unsent_bytes=0&cid=ffb03a7536a076a2&ts=308&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://meine-ing.app/orra/information/itan
Non-Authoritative-Reason
HSTS
/
www.wikipedia.de/
Redirect Chain
  • https://meine-ing.app/favicon.ico
  • https://www.wikipedia.de/
0
0

bundle.ibbr.css
cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/
698 KB
100 KB
Stylesheet
General
Full URL
https://cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/bundle.ibbr.css
Requested by
Host: meine-ing.app
URL: https://meine-ing.app/orra/information/itan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
7e66d580dc7ffe48ccaa8c3209508ed993e50ff0376d6757803266c02fce8753
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://*.ing.de https://*.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31622400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer
https://meine-ing.app/

Response headers

content-encoding
gzip
etag
"6604071a-18dae"
x-ing-response-id
db5e73d6d5d0a1b87f254273e69795f2
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 14:51:07 GMT
akamai-cache-status
Hit from child
date
Tue, 17 Dec 2024 08:33:04 GMT
content-type
text/css
last-modified
Wed, 27 Mar 2024 11:46:34 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
access-control-allow-headers
*
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-security-policy
default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://*.ing.de https://*.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
cache-control
max-age=109083
access-control-allow-credentials
false
access-control-allow-origin
*
content-length
101806
x-xss-protection
1; mode=block
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/
82 KB
15 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by
Host: meine-ing.app
URL: https://meine-ing.app/orra/information/itan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer
https://meine-ing.app/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"619c057b-3a02"
age
373877
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSLNPdccjOsrJIQS4qw6Dh30G0AI0jzz7UJvG4vdvYd6bPSgUCEqr4zOflSd8Al55vDO5Ti9laxx6X77ozNIRHzUjvvizJ3kXFGav9jzzD76Jhwg9%2FsEis712nLMA0Q5H%2BshaUho"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 08:33:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Dec 2024 08:33:04 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f3590f38f99d348-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
14850
server
cloudflare
info.js
meine-ing.app/js/orra/
5 KB
2 KB
Script
General
Full URL
https://meine-ing.app/js/orra/info.js
Requested by
Host: meine-ing.app
URL: https://meine-ing.app/orra/information/itan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af45cc4896081793ba38201196efc6a768277c5cb9b72c6f6fcc21fcb2184914

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer
https://meine-ing.app/orra/information/itan

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1409-626891f31db00-gzip"
age
46
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7TT9QpOxizn6KQ0XyTIRZ3SZR8Jmi6ihPGtuETGlYVnVexbngUMVUUz3mmEMOmNj8fKDNxIgaFHX%2FD8qny%2BbUJqqdgP%2Bc%2BSSFS1zw%2B97kGbNwbdXeoWyn6hCnazrbpXD"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10687&min_rtt=6744&rtt_var=4496&sent=26&recv=19&lost=0&retrans=0&sent_bytes=11591&recv_bytes=6305&delivery_rate=80900&cwnd=12000&unsent_bytes=0&cid=ffb03a7536a076a2&ts=334&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 08:33:04 GMT
content-type
application/javascript
last-modified
Sun, 10 Nov 2024 06:30:36 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3590f37a1adbf6-FRA
accept-ranges
bytes
content-length
1257
server
cloudflare
ING_Deutschland_NoClaim.svg
cdn.ing.de/ing-feat-uilib-de/7.10.1/images/
16 KB
6 KB
Image
General
Full URL
https://cdn.ing.de/ing-feat-uilib-de/7.10.1/images/ING_Deutschland_NoClaim.svg
Requested by
Host: cdn.ing.de
URL: https://cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/bundle.ibbr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://*.ing.de https://*.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.os.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31622400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Referer
https://cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/bundle.ibbr.css

Response headers

content-encoding
gzip
etag
"6604071a-15e6"
x-ing-response-id
484fb67cc0e15ae1e070f89cc9ab23e0
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 01:35:13 GMT
akamai-cache-status
Hit from child
date
Tue, 17 Dec 2024 08:33:04 GMT
content-type
image/svg+xml
last-modified
Wed, 27 Mar 2024 11:46:34 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
access-control-allow-headers
*
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-security-policy
default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://*.ing.de https://*.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.os.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
cache-control
max-age=61329
access-control-allow-credentials
false
access-control-allow-origin
*
content-length
5606
x-xss-protection
1; mode=block
INGMeWeb-Bold.woff2
cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/webfonts/
30 KB
30 KB
Font
General
Full URL
https://cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/webfonts/INGMeWeb-Bold.woff2
Requested by
Host: cdn.ing.de
URL: https://cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/bundle.ibbr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://*.ing.de https://*.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.os.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31622400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Origin
https://meine-ing.app
Referer
https://cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/bundle.ibbr.css

Response headers

content-encoding
gzip
etag
"6604071a-76ef"
x-ing-response-id
958875db762a98d6e66d90b5ffb0283d
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 15:20:32 GMT
akamai-cache-status
Hit from child
date
Tue, 17 Dec 2024 08:33:04 GMT
content-type
font/woff2
last-modified
Wed, 27 Mar 2024 11:46:34 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
access-control-allow-headers
*
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-security-policy
default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://*.ing.de https://*.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.os.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
cache-control
max-age=110848
access-control-allow-credentials
false
access-control-allow-origin
*
content-length
30447
x-xss-protection
1; mode=block
INGMeWeb-Regular.woff2
cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/webfonts/
29 KB
30 KB
Font
General
Full URL
https://cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/webfonts/INGMeWeb-Regular.woff2
Requested by
Host: cdn.ing.de
URL: https://cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/bundle.ibbr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://*.ing.de https://*.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.os.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31622400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Origin
https://meine-ing.app
Referer
https://cdn.ing.de/ing-feat-uilib-de/7.10.1/stylesheets/bundle.ibbr.css

Response headers

content-encoding
gzip
etag
"6604071a-73ae"
x-ing-response-id
f770710d0d275facc5796a1fcc3c1067
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 22:12:45 GMT
akamai-cache-status
RefreshHit from child, Hit from parent
date
Tue, 17 Dec 2024 08:33:04 GMT
content-type
font/woff2
last-modified
Wed, 27 Mar 2024 11:46:34 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
access-control-allow-headers
*
strict-transport-security
max-age=31622400; includeSubDomains; preload
content-security-policy
default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://*.ing.de https://*.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.os.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
cache-control
max-age=135581
access-control-allow-credentials
false
access-control-allow-origin
*
content-length
29614
x-xss-protection
1; mode=block
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
122 KB
123 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Origin
https://meine-ing.app
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"619c057b-1e888"
age
552443
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H0PNu%2BSKkwm833MdzG7ClbjAly8NV2UPWBvsi6yTpxqOxgqYozpz9QHPalZso5RBZljB7bBKuQSRbQbQK9urlEs%2FjIn9UOfxkzXZgvK2svYiBOWdf8GqP4dBpMJo5bODbvMT9TG5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 08:33:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Dec 2024 08:33:04 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f3590f41b49dbbb-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
125064
server
cloudflare
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
103 KB
103 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Origin
https://meine-ing.app
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"619c057b-19af4"
age
1148502
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FvY%2BHo2TmS1IhfALHnP2v%2B8v%2FSLnCR8%2BxsQq%2F5zy7auOpA17ZBlj%2BC2345fnhdsV%2FeEqTa5JjtjbQkRboW%2B6Tua26YeXv3Rm2N%2BumR%2BoZbZeBOxA%2Bp66yGrT532jrQ5peA8xMxGJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 08:33:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Dec 2024 08:33:04 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f3590f41b4ddbbb-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
105204
server
cloudflare
/
www.wikipedia.de/
Redirect Chain
  • https://meine-ing.app/favicon.ico
  • https://www.wikipedia.de/
0
0

online
meine-ing.app/user/
0
0
Fetch
General
Full URL
https://meine-ing.app/user/online
Requested by
Host: meine-ing.app
URL: https://meine-ing.app/orra/information/itan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryO1odbysRENraBi1w
Referer
https://meine-ing.app/orra/information/itan

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qiHtjUfHtDjQgiTGzSsTOLLwnf19UroSxKTLv3eXaS2oNDuuIdj27gk%2Bq0JBO91NEMlEe43HOXG%2BdUslGqDpb%2FdqZqLv%2BH0OFH%2BvdvFSHluz2aC1SKWt3qAMCsCyURBl"}],"group":"cf-nel","max_age":604800}
cf-ray
8f359106cbbcdbf6-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10037&min_rtt=6744&rtt_var=3660&sent=32&recv=24&lost=0&retrans=0&sent_bytes=14389&recv_bytes=7431&delivery_rate=10600&cwnd=12000&unsent_bytes=0&cid=ffb03a7536a076a2&ts=3466&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 08:33:07 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.wikipedia.de
URL
https://www.wikipedia.de/
Domain
www.wikipedia.de
URL
https://www.wikipedia.de/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
meine-ing.app/ Name: PHPSESSID
Value: 142as1q7c4jircbnm4qnrcrhae