urlscan.io logo urlscan.io
SecurityTrails logo

mijn.ing.nl.inlog-nl.com Open in urlscan Pro
47.74.249.193  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://x.co/scannen
Effective URL: http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Submission: On March 25 via manual from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 47.74.249.193, located in San Mateo, United States and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN. The main domain is mijn.ing.nl.inlog-nl.com.
This is the only time mijn.ing.nl.inlog-nl.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 45.40.140.1 26496 (AS-26496-...)
3 47.74.249.193 45102 (CNNIC-ALI...)
10 145.221.181.245 26415 (VERISIGN-INC)
13 2
Apex Domain
Subdomains		 Transfer
10 ing.nl
inlogcodes.mijn.ing.nl
1 MB
3 inlog-nl.com
mijn.ing.nl.inlog-nl.com
143 KB
1 x.co
x.co
117 B
13 3
Domain Requested by
10 inlogcodes.mijn.ing.nl mijn.ing.nl.inlog-nl.com
inlogcodes.mijn.ing.nl
3 mijn.ing.nl.inlog-nl.com mijn.ing.nl.inlog-nl.com
1 x.co 1 redirects
13 3

This site contains links to these domains. Also see Links.

Domain
www.ing.nl
Subject Issuer Validity Valid
inlogcodes.mijn.ing.nl
Entrust Certification Authority - L1M		 2017-03-24 -
2019-04-30		 2 years crt.sh

This page contains 1 frames:

Primary Page: http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Frame ID: 5083714E14225A91C8A71160920611C6
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://x.co/scannen HTTP 302
    http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /angular.*\.js/i
  • env /^angular$/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /require.*\.js/i
  • env /^requirejs$/i
Overall confidence: 100%
Detected patterns
  • env /^webtrekk/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

13
Requests

77 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1247 kB
Transfer

1231 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://x.co/scannen HTTP 302
    http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request aanmelden.html
mijn.ing.nl.inlog-nl.com/internetbankieren/
Redirect Chain
  • https://x.co/scannen
  • http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
17 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Protocol
HTTP/1.1
Server
47.74.249.193 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
b2ba9a3df5d50b7e05eb0610107cdfff7d8a4140e15b56990cba41a6a7c95f00

Request headers

Host
mijn.ing.nl.inlog-nl.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Mar 2019 14:31:51 GMT
Server
Apache
Last-Modified
Sun, 17 Feb 2019 17:46:22 GMT
Accept-Ranges
bytes
Content-Length
16948
Connection
close
Content-Type
text/html

Redirect headers

status
302
server
nginx/1.12.2
date
Mon, 25 Mar 2019 14:31:50 GMT
content-type
text/html; charset=utf-8
location
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
style-z-1.0.0.css
inlogcodes.mijn.ing.nl/static/web/cms/css/ 		61 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://inlogcodes.mijn.ing.nl/static/web/cms/css/style-z-1.0.0.css
Requested by
Host: mijn.ing.nl.inlog-nl.com
URL: http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.221.181.245 Amstelveen, Netherlands, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
/
Resource Hash
46ab1f0468ddfbc5a7a5d59c5bdf6844ecd8bbe9e31a01cfc9416a252d92fcf0
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Mar 2019 14:31:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Nov 2018 15:00:15 GMT
etag
"40bef-f255-57a8d1340533a"
x-frame-options
DENY
content-type
text/css
status
200
x-cnection
close
strict-transport-security
max-age=31622400; includeSubDomains
accept-ranges
bytes
x-xss-protection
1; mode=block
authentication.css
inlogcodes.mijn.ing.nl/static/css/custom/ 		423 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://inlogcodes.mijn.ing.nl/static/css/custom/authentication.css
Requested by
Host: mijn.ing.nl.inlog-nl.com
URL: http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.221.181.245 Amstelveen, Netherlands, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
/
Resource Hash
b15995397788d8f72a4877b1b390f55e16acb2c63799e6258d2a0df539dc3d66
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Mar 2019 14:31:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 03 Sep 2018 14:54:23 GMT
etag
"40010-1a7-574f8b781c5c0"
x-frame-options
DENY
content-type
text/css
status
200
x-cnection
close
strict-transport-security
max-age=31622400; includeSubDomains
accept-ranges
bytes
x-xss-protection
1; mode=block
require.js
inlogcodes.mijn.ing.nl/static/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inlogcodes.mijn.ing.nl/static/js/require.js
Requested by
Host: mijn.ing.nl.inlog-nl.com
URL: http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.221.181.245 Amstelveen, Netherlands, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
/
Resource Hash
ac1ee99d5203f41fd2842d6532d0cff229a6bcb8ed96adb25c858eae73eb22cf
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Mar 2019 14:31:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 03 Sep 2018 14:55:06 GMT
etag
"410c3-369a-574f8ba11e680"
x-frame-options
DENY
content-type
text/javascript
status
200
x-cnection
close
strict-transport-security
max-age=31622400; includeSubDomains
accept-ranges
bytes
x-xss-protection
1; mode=block
jquery-1.10.1.min.js
inlogcodes.mijn.ing.nl/static/js/packages/ 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inlogcodes.mijn.ing.nl/static/js/packages/jquery-1.10.1.min.js
Requested by
Host: mijn.ing.nl.inlog-nl.com
URL: http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.221.181.245 Amstelveen, Netherlands, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
/
Resource Hash
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Mar 2019 14:31:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 03 Sep 2018 14:54:43 GMT
etag
"80386-16b88-574f8b8b2f2c0"
x-frame-options
DENY
content-type
text/javascript
status
200
x-cnection
close
strict-transport-security
max-age=31622400; includeSubDomains
accept-ranges
bytes
x-xss-protection
1; mode=block
08101220.the-guide-styles.min.css
inlogcodes.mijn.ing.nl/assets/web/ng/restricted/css/ 		524 KB
529 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/css/08101220.the-guide-styles.min.css
Requested by
Host: mijn.ing.nl.inlog-nl.com
URL: http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.221.181.245 Amstelveen, Netherlands, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
/
Resource Hash
99789625286baf3634bb0d0209a1c3efc75d7b1358b5ddfe33e3e782630c8041
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-cnection
close
date
Mon, 25 Mar 2019 14:31:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 09:50:46 GMT
x-frame-options
DENY
content-type
text/css
status
200
cache-control
public, max-age=600, s-maxage=600
strict-transport-security
max-age=31622400; includeSubDomains
accept-ranges
bytes
x-xss-protection
1; mode=block
87fbd43f.angular-all.js
inlogcodes.mijn.ing.nl/assets/web/ng/restricted/js/lib/ 		196 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/js/lib/87fbd43f.angular-all.js
Requested by
Host: mijn.ing.nl.inlog-nl.com
URL: http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.221.181.245 Amstelveen, Netherlands, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
/
Resource Hash
836b4b3a79d1fc82577eac6bc25f1add9d5fa74435f5cc6667a9e88f0e97a828
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-cnection
close
date
Mon, 25 Mar 2019 14:31:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 09:50:46 GMT
x-frame-options
DENY
content-type
text/javascript
status
200
cache-control
public, max-age=600, s-maxage=600
strict-transport-security
max-age=31622400; includeSubDomains
accept-ranges
bytes
x-xss-protection
1; mode=block
91ac1745.webtrekk_v4.js
inlogcodes.mijn.ing.nl/assets/web/ng/restricted/js/lib/ 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/js/lib/91ac1745.webtrekk_v4.js
Requested by
Host: mijn.ing.nl.inlog-nl.com
URL: http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.221.181.245 Amstelveen, Netherlands, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
/
Resource Hash
8eb0c46de24bf417a2aa02c8cf9e6e930196dabd8da1654b2e5b03d3e3156511
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-cnection
close
date
Mon, 25 Mar 2019 14:31:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 09:50:46 GMT
x-frame-options
DENY
content-type
text/javascript
status
200
cache-control
public, max-age=600, s-maxage=600
strict-transport-security
max-age=31622400; includeSubDomains
accept-ranges
bytes
x-xss-protection
1; mode=block
javascript.js
mijn.ing.nl.inlog-nl.com/internetbankieren/source/ 		126 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mijn.ing.nl.inlog-nl.com/internetbankieren/source/javascript.js
Requested by
Host: mijn.ing.nl.inlog-nl.com
URL: http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Protocol
HTTP/1.1
Server
47.74.249.193 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
0ad9fbefe1ab5d2f6e7cea0badcb3fa3850ac3e840fceed026cb66b9df886f83

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mijn.ing.nl.inlog-nl.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Mar 2019 14:31:52 GMT
Last-Modified
Sun, 17 Feb 2019 17:46:24 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
129280
Content-Type
application/javascript
apps.js
mijn.ing.nl.inlog-nl.com/internetbankieren/source/ 		0
216 B 		Script
General
Check archive.org
Download Go to
Full URL
http://mijn.ing.nl.inlog-nl.com/internetbankieren/source/apps.js
Requested by
Host: mijn.ing.nl.inlog-nl.com
URL: http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Protocol
HTTP/1.1
Server
47.74.249.193 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mijn.ing.nl.inlog-nl.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://mijn.ing.nl.inlog-nl.com/internetbankieren/aanmelden.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Mar 2019 14:31:52 GMT
Last-Modified
Sun, 17 Feb 2019 17:46:24 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
0
Content-Type
application/javascript
ing-icons-v4-6.woff
inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/ 		68 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/ing-icons-v4-6.woff
Requested by
Host: inlogcodes.mijn.ing.nl
URL: https://inlogcodes.mijn.ing.nl/static/js/packages/jquery-1.10.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.221.181.245 Amstelveen, Netherlands, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
/
Resource Hash
3b5249aa62da52d9853ebd8a7c8f43ed84b3941f10bd6cd7eff0619889daa2d2
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/css/08101220.the-guide-styles.min.css
Origin
http://mijn.ing.nl.inlog-nl.com

Response headers

x-cnection
close
date
Mon, 25 Mar 2019 14:31:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 09:50:46 GMT
access-control-allow-origin
*
x-frame-options
DENY
content-type
application/font-woff
status
200
cache-control
public, max-age=600, s-maxage=600
access-control-allow-credentials
false
strict-transport-security
max-age=31622400; includeSubDomains
accept-ranges
bytes
vary
Origin
x-xss-protection
1; mode=block
INGMeWeb-Bold.woff
inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/INGMeWeb-Bold.woff
Requested by
Host: inlogcodes.mijn.ing.nl
URL: https://inlogcodes.mijn.ing.nl/static/js/packages/jquery-1.10.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.221.181.245 Amstelveen, Netherlands, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
/
Resource Hash
e5cb35bd410aba4b717a1cc46814a88b50ff311f9514630dffa3480cb43b92e0
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/css/08101220.the-guide-styles.min.css
Origin
http://mijn.ing.nl.inlog-nl.com

Response headers

x-cnection
close
date
Mon, 25 Mar 2019 14:31:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 09:50:46 GMT
access-control-allow-origin
*
x-frame-options
DENY
content-type
application/font-woff
status
200
cache-control
public, max-age=600, s-maxage=600
access-control-allow-credentials
false
strict-transport-security
max-age=31622400; includeSubDomains
accept-ranges
bytes
vary
Origin
x-xss-protection
1; mode=block
INGMeWeb-Regular.woff
inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/ 		36 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/fonts/woff/INGMeWeb-Regular.woff
Requested by
Host: inlogcodes.mijn.ing.nl
URL: https://inlogcodes.mijn.ing.nl/static/js/packages/jquery-1.10.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
145.221.181.245 Amstelveen, Netherlands, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
/
Resource Hash
4a0a7668aaa847d33f49023d0982c6331bc9705cad2586eccb8086a680ef534c
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://inlogcodes.mijn.ing.nl/assets/web/ng/restricted/css/08101220.the-guide-styles.min.css
Origin
http://mijn.ing.nl.inlog-nl.com

Response headers

x-cnection
close
date
Mon, 25 Mar 2019 14:31:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 09:50:46 GMT
access-control-allow-origin
*
x-frame-options
DENY
content-type
application/font-woff
status
200
cache-control
public, max-age=600, s-maxage=600
access-control-allow-credentials
false
strict-transport-security
max-age=31622400; includeSubDomains
accept-ranges
bytes
vary
Origin
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| stopRKey function| requirejs function| require function| define function| $ function| jQuery object| angular undefined| wts undefined| wt_safetagConfig object| webtrekkUnloadObjects object| webtrekkLinktrackObjects object| webtrekkHeatmapObjects function| WebtrekkV3 function| webtrekkV3 object| gLoginCredMgtWA

0 Cookies