maffuall.work Open in urlscan Pro
63.250.43.137 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
Submission: On December 28 via manual (December 28th 2022, 2:35:59 pm UTC) from FR — Scanned from FR

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 52 HTTP transactions. The main IP is 63.250.43.137, located in United States and belongs to NAMECHEAP-NET, US. The main domain is maffuall.work.

This is the only time maffuall.work was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address	AS Autonomous System
32	63.250.43.137 63.250.43.137	22612 (NAMECHEAP...) (NAMECHEAP-NET)
14	2600:1901:0:c... 2600:1901:0:c07c::	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:5... 2600:1901:0:5987::	15169 (GOOGLE) (GOOGLE)
52	4

32 63.250.43.137 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: ingress-florina.easywp.com

maffuall.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:1901:0:c07c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:5987:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	maffuall.work maffuall.work	1 MB
15	usercentrics.eu api.usercentrics.eu — Cisco Umbrella Rank: 10183 app.usercentrics.eu — Cisco Umbrella Rank: 10286	13 KB
0	helpotus.com Failed helpotus.com Failed
52	3

	Domain	Requested by
32	maffuall.work	maffuall.work
14	api.usercentrics.eu	maffuall.work
1	app.usercentrics.eu
0	helpotus.com Failed	maffuall.work
52	4

This site contains no links.

Subject Issuer	Validity	Valid
api.usercentrics.eu GTS CA 1D4	`2022-12-12` - `2023-03-12`	3 months	crt.sh
app.usercentrics.eu GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
Frame ID: EC1AB1156776FECA736E50274FDE0946
Requests: 26 HTTP requests in this frame

Frame: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/cross-domain-bridge.html
Frame ID: 3AC190AA467BDC6F26FDAAC962C1D152
Requests: 1 HTTP requests in this frame

Frame: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
Frame ID: 39264E1149F9B6D80F953783F6E536FA
Requests: 17 HTTP requests in this frame

Frame: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/cross-domain-bridge.html
Frame ID: 77F94A0A61914F09E95135184B3E4AD1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ING Login

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

29 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

1220 kB
Transfer

5047 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie HTTP 302
https://helpotus.com/?s=maffuall.work

Request Chain 16

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie HTTP 302
https://helpotus.com/?s=maffuall.work

Request Chain 38

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie HTTP 302
https://helpotus.com/?s=maffuall.work

Request Chain 39

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie HTTP 302
https://helpotus.com/?s=maffuall.work

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ 27 KB
9 KB 382ms
171ms Document
text/html 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

e2b9a23aadb46a74b709006a12296ac104ecee06ae090b6e9432f5e3910bc704

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 21885
cache-control: no-store, no-cache, must-revalidate, public
content-encoding: gzip
content-length: 8651
content-type: text/html; charset=UTF-8
date: Wed, 28 Dec 2022 08:31:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: HIT
x-cacheable: YES
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK BusyIndicator-ver-D96AC53727CDA7F131E86944079EBDA2.css
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ 1 KB
1 KB 170ms
170ms Stylesheet
text/css 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/BusyIndicator-ver-D96AC53727CDA7F131E86944079EBDA2.css

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

963713702294c12c60ee25875eac53286b39cd67cadbdd27fe7048444cab82bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 454
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-418"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/ 1 MB
125 KB 333ms
167ms Stylesheet
text/css 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

fe49cb0211e003703da8c87102bbafea69c336a6518fe71c64d7e0ca7d04a690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 127554
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-11640a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK qrl-ver-A4288F3F0CE7F5C60C76A005C363B0A2.svg
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ 2 KB
2 KB 168ms
168ms Image
image/svg+xml 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/qrl-ver-A4288F3F0CE7F5C60C76A005C363B0A2.svg

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

9d0ce0dd87e2d9bc4171914be7b288f8388ce7c26dc58e0a465a82760e899914

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 849
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-7df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.png
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ 44 KB
44 KB 170ms
170ms Image
image/png 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.png

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

fb6ebe23316c03fd8d25e871bfdd9c41eb77e14115f5a01e3e0d97b94617779e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 44838
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: "63a5a081-af26"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-3.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ 87 KB
31 KB 316ms
170ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/jquery-3.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 30950
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-15d84"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK wicket-ajax-jquery-ver-4D09ABFD59C4D1E8C40853E2941D8163.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ 27 KB
9 KB 335ms
169ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/wicket-ajax-jquery-ver-4D09ABFD59C4D1E8C40853E2941D8163.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

01c98d0b42ebc6e82182aa60eef96a377a82208b0a5c34f3cae929751276b5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 8224
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-6a9e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK busy-ver-C331575AF308054F00673A92BCB41217.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ 7 KB
3 KB 334ms
167ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/busy-ver-C331575AF308054F00673A92BCB41217.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

76c784ae844d93674c22dd9ca5124e99f04e00363f5381e79e44a40e8f440bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 2010
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-1bed"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ 420 KB
105 KB 168ms
168ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/main.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

bc872a6a4c9a3d0c34a7f387b930bca9353c96037a25b7dc82955c461ee45345

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 106860
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-68f12"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK webtrekk_v4.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ 63 KB
20 KB 340ms
170ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/webtrekk_v4.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

b5830f800a89c19deb7763881cabba52e7b617ea74b983aa4f8a95bb06b83454

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 19368
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-fbd1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bundle.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ 619 KB
167 KB 195ms
170ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/bundle.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

3b513c80e1570b67f86e93227a47ef058ff7ecb5a0254df411d14e3c7be81603

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 170603
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-9ade5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK SuppressJavascriptConsoleBehavior-ver-1EA60D9506B6FAC9D0B9E6C.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ 103 B
749 B 167ms
167ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/SuppressJavascriptConsoleBehavior-ver-1EA60D9506B6FAC9D0B9E6C.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

73a5f7c390a84dd606e6211a774af311bc3ce5be35ec6bba7f23ad591bc46a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 103
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: "63a5a081-67"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ING_Deutschland_NoClaim.svg
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars... 16 KB
6 KB 167ms
167ms Image
image/svg+xml 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/images/ING_Deutschland_NoClaim.svg

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

475f12eb22b72af14086052c4dce2cdd331230ac9041163cfed2f64da530bd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 5615
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-3faf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK INGMeWeb-Bold.html
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars... 30 KB
30 KB 171ms
170ms Font
text/html 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

12976fc1470cc894e4cde79b4837efb12fcacfc0442fcc9b4d28dc22b6a22e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Origin: http://maffuall.work
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 30443
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-76f5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: public
accept-ranges: bytes

GET
H/1.1 200
OK INGMeWeb-Regular.html
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars... 29 KB
29 KB 171ms
170ms Font
text/html 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

171080b56456b8852b6ed884ac2deac230314d97d82041db16022989942f4f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Origin: http://maffuall.work
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 29626
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-73bb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: public
accept-ranges: bytes

GET
H/1.1 200
OK icons.woff
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars... 32 KB
32 KB 168ms
167ms Font
font/woff 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

305948d72ce8577a386f77079dacdb6841f18668f64cc7865a196a0624e5b5a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Origin: http://maffuall.work
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:14 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 32296
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: "63a5a081-7e28"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: font/woff
access-control-allow-origin: http://maffuall.work
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET

/
helpotus.com/
Redirect Chain

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N...
https://helpotus.com/?s=maffuall.work

0
0

GET

/
helpotus.com/
Redirect Chain

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N...
https://helpotus.com/?s=maffuall.work

0
0

GET
H/1.1 200
OK cross-domain-bridge.html Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 3AC1 6 KB
2 KB 170ms
167ms Document
text/html 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/cross-domain-bridge.html

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

08ca3eb2d56d2ac4730bcd56fc57fb2d0a661489d16eb3a408232dc70fa02cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 21760
cache-control: public
content-encoding: gzip
content-length: 1192
content-type: text/html
date: Wed, 28 Dec 2022 08:33:14 GMT
etag: W/"63a5a081-1988"
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: HIT
x-cacheable: YES
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK INGMeWeb-Bold.woff
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars... 37 KB
38 KB 170ms
170ms Font
font/woff 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

e5cb35bd410aba4b717a1cc46814a88b50ff311f9514630dffa3480cb43b92e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Origin: http://maffuall.work
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:14 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 38292
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: "63a5a081-9594"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: font/woff
access-control-allow-origin: http://maffuall.work
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK INGMeWeb-Regular.woff
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars... 36 KB
37 KB 170ms
170ms Font
font/woff 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

4a0a7668aaa847d33f49023d0982c6331bc9705cad2586eccb8086a680ef534c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Origin: http://maffuall.work
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:14 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 21760
x-cache: HIT
content-length: 37344
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: "63a5a081-91e0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: font/woff
access-control-allow-origin: http://maffuall.work
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 languages.json Show response
api.usercentrics.eu/settings/oAoDY7kHB/latest/ 61 B
616 B 38ms
37ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: http://maffuall.work/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Dec 2022 14:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 0
x-client-geo-location: FR,
x-guploader-uploadid: ADPycdv4NQ4pXiNDmyV8dmBcmTM7xxXbDxAhILAksxhQkFONaH3QuRadyMw73qiO2zZ85evhwoMzZiLdV3YbZk3caE25aoif7WKy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
last-modified: Mon, 05 Dec 2022 07:42:33 GMT
server: UploadServer
etag: "da13a9b5363ff28c20e52e67131f24fd"
vary: Accept-Encoding
x-goog-generation: 1670226153680072
x-goog-hash: crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10
x-goog-stored-content-length: 67
accept-ranges: bytes
content-type: application/json
expires: Wed, 28 Dec 2022 14:36:04 GMT

OPTIONS
H2 200 languages.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 0
0 81ms
30ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://maffuall.work
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 28 Dec 2022 14:35:54 GMT
expires: Wed, 28 Dec 2022 14:35:54 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: FR,
x-guploader-uploadid: ADPycduTgvPwHI3PN9CAQfmi_xU6kZiQ6O6Ufufk12vqbBO2gOwLaViReiFCJ4TeGz6E1DjTe7-h7RxQcw4eC1icap2O

GET
H3 200 dps-de.json Show response
api.usercentrics.eu/settings/oAoDY7kHB/latest/ 4 KB
926 B 35ms
34ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6255fc0e2696d1467de2307bb103e9f3824785448a10b843dbba016f4923b929

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: http://maffuall.work/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Dec 2022 14:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 0
x-client-geo-location: FR,
x-guploader-uploadid: ADPycdtXNa5DzH2DePeMhq6c5r783XQxRBKpbaVVOSGRq_wvvScw907t16xkJ1xnWePN1KuwmCoaCh6efWN_MHQFuORT7q_lS0La
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 893
last-modified: Mon, 05 Dec 2022 07:42:33 GMT
server: UploadServer
etag: "fdc0a7910a6aeb8e0e07eb6252989271"
vary: Accept-Encoding
x-goog-generation: 1670226153653045
x-goog-hash: crc32c=FGDMCw==, md5=/cCnkQpq644OB+tiUpiScQ==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10
x-goog-stored-content-length: 893
accept-ranges: bytes
content-type: application/json
expires: Wed, 28 Dec 2022 14:36:04 GMT

OPTIONS
H3 200 dps-de.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 0
0 33ms
32ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://maffuall.work
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 28 Dec 2022 14:35:54 GMT
expires: Wed, 28 Dec 2022 14:35:54 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: FR,
x-guploader-uploadid: ADPycds9KyQM6sdtOmELo0W6XA0gidOoFBDVHgwNMU0wtObgGjA-k-znatEq8Ws-S3hO6NnXQQhlj5HlLvV5ThaRH54LJvV3NX_E

GET
H3 200 core.json Show response
api.usercentrics.eu/settings/oAoDY7kHB/latest/ 1 KB
750 B 38ms
38ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/core.json

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fef9c4d4b00444664dd069eb5f5a888b9e545d0bed793d0e9eab0a75778b3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: http://maffuall.work/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Dec 2022 14:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 0
x-client-geo-location: FR,
x-guploader-uploadid: ADPycdu9VeDQicldeZUDruK-4ARMFDPWfKwLeAgCNbYmOel2j1SL7J1Ls0CtJoDenVyuC9AzHBfQAmZh0KN41dzK7ixwvPzpM0R3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 717
last-modified: Mon, 05 Dec 2022 07:42:33 GMT
server: UploadServer
etag: "30b8d1d67de2dce3824aee292497181b"
vary: Accept-Encoding
x-goog-generation: 1670226153649671
x-goog-hash: crc32c=/IJOcA==, md5=MLjR1n3i3OOCSu4pJJcYGw==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10
x-goog-stored-content-length: 717
accept-ranges: bytes
content-type: application/json
expires: Wed, 28 Dec 2022 14:36:04 GMT

OPTIONS
H3 200 core.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 0
0 35ms
35ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/core.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://maffuall.work
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 28 Dec 2022 14:35:54 GMT
expires: Wed, 28 Dec 2022 14:35:54 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: FR,
x-guploader-uploadid: ADPycdvx1Tba_8rVOSG9_i-MtOUrEcKcaDO5J1ujQKaGml0bMIvlh17Lmpki_a6fQ9dX-QG0sFXGhiFyawLF7PmYwWKABKNRrBmv

GET
H/1.1 200
OK / Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ Frame 3926 27 KB
9 KB 170ms
170ms Document
text/html 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/main.js

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

e2b9a23aadb46a74b709006a12296ac104ecee06ae090b6e9432f5e3910bc704

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 21886
cache-control: no-store, no-cache, must-revalidate, public
content-encoding: gzip
content-length: 8651
content-type: text/html; charset=UTF-8
date: Wed, 28 Dec 2022 08:31:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: HIT
x-cacheable: YES
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK BusyIndicator-ver-D96AC53727CDA7F131E86944079EBDA2.css
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 3926 1 KB
1 KB 171ms
170ms Stylesheet
text/css 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/BusyIndicator-ver-D96AC53727CDA7F131E86944079EBDA2.css

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

963713702294c12c60ee25875eac53286b39cd67cadbdd27fe7048444cab82bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21761
x-cache: HIT
content-length: 454
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-418"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/ Frame 3926 1 MB
125 KB 171ms
171ms Stylesheet
text/css 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

fe49cb0211e003703da8c87102bbafea69c336a6518fe71c64d7e0ca7d04a690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21761
x-cache: HIT
content-length: 127554
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-11640a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK qrl-ver-A4288F3F0CE7F5C60C76A005C363B0A2.svg
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 3926 2 KB
2 KB 170ms
169ms Image
image/svg+xml 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/qrl-ver-A4288F3F0CE7F5C60C76A005C363B0A2.svg

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

9d0ce0dd87e2d9bc4171914be7b288f8388ce7c26dc58e0a465a82760e899914

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21761
x-cache: HIT
content-length: 849
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-7df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.png
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 3926 44 KB
44 KB 171ms
170ms Image
image/png 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.png

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

fb6ebe23316c03fd8d25e871bfdd9c41eb77e14115f5a01e3e0d97b94617779e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 21761
x-cache: HIT
content-length: 44838
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: "63a5a081-af26"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-3.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 3926 87 KB
31 KB 167ms
166ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/jquery-3.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21761
x-cache: HIT
content-length: 30950
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-15d84"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK wicket-ajax-jquery-ver-4D09ABFD59C4D1E8C40853E2941D8163.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 3926 27 KB
9 KB 169ms
168ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/wicket-ajax-jquery-ver-4D09ABFD59C4D1E8C40853E2941D8163.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

01c98d0b42ebc6e82182aa60eef96a377a82208b0a5c34f3cae929751276b5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21761
x-cache: HIT
content-length: 8224
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-6a9e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK busy-ver-C331575AF308054F00673A92BCB41217.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 3926 7 KB
3 KB 170ms
168ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/busy-ver-C331575AF308054F00673A92BCB41217.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

76c784ae844d93674c22dd9ca5124e99f04e00363f5381e79e44a40e8f440bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21761
x-cache: HIT
content-length: 2010
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-1bed"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 3926 420 KB
105 KB 172ms
171ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/main.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

bc872a6a4c9a3d0c34a7f387b930bca9353c96037a25b7dc82955c461ee45345

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21761
x-cache: HIT
content-length: 106860
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-68f12"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK webtrekk_v4.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 3926 63 KB
20 KB 171ms
170ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/webtrekk_v4.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

b5830f800a89c19deb7763881cabba52e7b617ea74b983aa4f8a95bb06b83454

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21761
x-cache: HIT
content-length: 19368
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-fbd1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bundle.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 3926 619 KB
167 KB 169ms
167ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/bundle.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

3b513c80e1570b67f86e93227a47ef058ff7ecb5a0254df411d14e3c7be81603

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 21761
x-cache: HIT
content-length: 170603
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: W/"63a5a081-9ade5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK SuppressJavascriptConsoleBehavior-ver-1EA60D9506B6FAC9D0B9E6C.js Show response
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 3926 103 B
749 B 168ms
167ms Script
application/javascript 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/SuppressJavascriptConsoleBehavior-ver-1EA60D9506B6FAC9D0B9E6C.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

73a5f7c390a84dd606e6211a774af311bc3ce5be35ec6bba7f23ad591bc46a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 08:33:13 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 21761
x-cache: HIT
content-length: 103
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 12:35:13 GMT
server: nginx
etag: "63a5a081-67"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET

/
helpotus.com/ Frame 3926
Redirect Chain

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N...
https://helpotus.com/?s=maffuall.work

0
0

GET

/
helpotus.com/ Frame 3926
Redirect Chain

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N...
https://helpotus.com/?s=maffuall.work

0
0

GET cross-domain-bridge.html
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/ Frame 77F9 0
0

GET
H3 200 languages.json Show response
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 3926 61 B
100 B 20ms
20ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: http://maffuall.work/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Dec 2022 14:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1
x-client-geo-location: FR,
x-guploader-uploadid: ADPycdv4NQ4pXiNDmyV8dmBcmTM7xxXbDxAhILAksxhQkFONaH3QuRadyMw73qiO2zZ85evhwoMzZiLdV3YbZk3caE25aoif7WKy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
last-modified: Mon, 05 Dec 2022 07:42:33 GMT
server: UploadServer
etag: "da13a9b5363ff28c20e52e67131f24fd"
vary: Accept-Encoding
x-goog-generation: 1670226153680072
x-goog-hash: crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10
x-goog-stored-content-length: 67
accept-ranges: bytes
content-type: application/json
expires: Wed, 28 Dec 2022 14:36:04 GMT

OPTIONS
H3 200 languages.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 0
0 34ms
33ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://maffuall.work
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 28 Dec 2022 14:35:55 GMT
expires: Wed, 28 Dec 2022 14:35:55 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: FR,
x-guploader-uploadid: ADPycdvpaB4u9V7OjPG92-_oY76vhHFNDk0dfF9d29aZH48brHwHODZO82YDViVrAjYakghhcT8OUA93luq0mWNN2pfI8ZJXFZwA

GET
H3 200 dps-de.json Show response
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 3926 4 KB
926 B 21ms
21ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6255fc0e2696d1467de2307bb103e9f3824785448a10b843dbba016f4923b929

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: http://maffuall.work/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Dec 2022 14:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1
x-client-geo-location: FR,
x-guploader-uploadid: ADPycdtXNa5DzH2DePeMhq6c5r783XQxRBKpbaVVOSGRq_wvvScw907t16xkJ1xnWePN1KuwmCoaCh6efWN_MHQFuORT7q_lS0La
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 893
last-modified: Mon, 05 Dec 2022 07:42:33 GMT
server: UploadServer
etag: "fdc0a7910a6aeb8e0e07eb6252989271"
vary: Accept-Encoding
x-goog-generation: 1670226153653045
x-goog-hash: crc32c=FGDMCw==, md5=/cCnkQpq644OB+tiUpiScQ==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10
x-goog-stored-content-length: 893
accept-ranges: bytes
content-type: application/json
expires: Wed, 28 Dec 2022 14:36:04 GMT

OPTIONS
H3 200 dps-de.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 0
0 29ms
29ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://maffuall.work
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 28 Dec 2022 14:35:55 GMT
expires: Wed, 28 Dec 2022 14:35:55 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: FR,
x-guploader-uploadid: ADPycdu3ZBNVFP0oG079arvSfkpbyIYR3MAgeLEdXfVGlHT8yIy92p6uiSruX436BKAPEz50GdA-FX877vA7_nNw4GORV_gzkx1k

GET
H3 200 core.json Show response
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 3926 1 KB
750 B 19ms
18ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/core.json

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fef9c4d4b00444664dd069eb5f5a888b9e545d0bed793d0e9eab0a75778b3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: http://maffuall.work/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Dec 2022 14:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1
x-client-geo-location: FR,
x-guploader-uploadid: ADPycdu9VeDQicldeZUDruK-4ARMFDPWfKwLeAgCNbYmOel2j1SL7J1Ls0CtJoDenVyuC9AzHBfQAmZh0KN41dzK7ixwvPzpM0R3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 717
last-modified: Mon, 05 Dec 2022 07:42:33 GMT
server: UploadServer
etag: "30b8d1d67de2dce3824aee292497181b"
vary: Accept-Encoding
x-goog-generation: 1670226153649671
x-goog-hash: crc32c=/IJOcA==, md5=MLjR1n3i3OOCSu4pJJcYGw==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10
x-goog-stored-content-length: 717
accept-ranges: bytes
content-type: application/json
expires: Wed, 28 Dec 2022 14:36:04 GMT

OPTIONS
H3 200 core.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 0
0 29ms
29ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/core.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://maffuall.work
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 28 Dec 2022 14:35:55 GMT
expires: Wed, 28 Dec 2022 14:35:55 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: FR,
x-guploader-uploadid: ADPycdtpSGsBGAjflcRe5qxvYqJIzmZ5f-T5OnYrBEYMTjH1TGzXjZn0CQ07cfFLm28SWtNFJhFGjk6tvxevq_ij8lovnSoZ35Bj

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
1 KB 64ms
19ms Image
image/png 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=oAoDY7kHB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 14:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 404
x-guploader-uploadid: ADPycdtnEIrshPymP6YP3q6D-_lieLeIZeneG2zp3YgUPfMfHPLjmKqH51Wk1TBpdIGUWqsXI1FhZYANA1Mcj5U6_oP5-TyWfX4U
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
x-goog-generation: 1588928773413784
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type: image/png
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
expires: Wed, 28 Dec 2022 14:59:11 GMT

GET
H3 200 de.json Show response
api.usercentrics.eu/settings/oAoDY7kHB/latest/ 28 KB
8 KB 37ms
37ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/de.json

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

55f35370ae3a477b9c901ceec86626a82ade6cd8450de9379093d8068aecce8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: http://maffuall.work/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Dec 2022 14:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 0
x-client-geo-location: FR,
x-guploader-uploadid: ADPycduxO6RIr09gha1wQZcRvqAJgF6ZJWLWBdrn46N-WTc_2hv3bHfZids2ZmL0RkL3lmKI-XXZa1Z7sVuShNTVdmGM-1Gh6fMU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8417
last-modified: Mon, 05 Dec 2022 07:42:33 GMT
server: UploadServer
etag: "c804013c5588535ebb5689862adbe340"
vary: Accept-Encoding
x-goog-generation: 1670226153643720
x-goog-hash: crc32c=UpNJ2g==, md5=yAQBPFWIU167VomGKtvjQA==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10
x-goog-stored-content-length: 8417
accept-ranges: bytes
content-type: application/json
expires: Wed, 28 Dec 2022 14:36:05 GMT

OPTIONS
H3 200 de.json
api.usercentrics.eu/settings/oAoDY7kHB/latest/ Frame 0
0 32ms
32ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/oAoDY7kHB/latest/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://maffuall.work
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 28 Dec 2022 14:35:55 GMT
expires: Wed, 28 Dec 2022 14:35:55 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: FR,
x-guploader-uploadid: ADPycdtXkED0_oS-7We89J2UKJVRc_s_Qo_0rAG8Upe_ZSRStkn7weYdOca1V92N2UXWrLe7Vn_QJePkQWR6jNqVQ-YZCXvLtA0M

GET
H/1.1 404
Not Found 7963.js
maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/chunks/ 0
0 170ms
170ms Script
text/html 63.250.43.137
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/chunks/7963.js

Requested by

Host: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/main.js

Protocol

HTTP/1.1

Server

63.250.43.137 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-florina.easywp.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 14:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: nginx
age: 0
transfer-encoding: chunked
vary: Accept-Encoding
x-cache: MISS
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: helpotus.com
URL: https://helpotus.com/?s=maffuall.work

Domain: helpotus.com
URL: https://helpotus.com/?s=maffuall.work

Domain: helpotus.com
URL: https://helpotus.com/?s=maffuall.work

Domain: helpotus.com
URL: https://helpotus.com/?s=maffuall.work

Domain: maffuall.work
URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/cross-domain-bridge.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ Message: Failed to decode downloaded font: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Bold.html
other	warning	URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other	warning	URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ Message: Failed to decode downloaded font: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Regular.html
other	warning	URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
javascript	error	URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ Message: Access to XMLHttpRequest at 'https://helpotus.com/?s=maffuall.work' (redirected from 'http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie') from origin 'http://maffuall.work' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://helpotus.com/?s=maffuall.work Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ Message: Access to fetch at 'https://helpotus.com/?s=maffuall.work' (redirected from 'http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie') from origin 'http://maffuall.work' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://helpotus.com/?s=maffuall.work Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://maffuall.work/well-known/GNI-DE/GNI-DE/DEE/INGDE/21412df0e3990d237a97/clients/ING%20Login_fichiers/chunks/7963.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.usercentrics.eu
app.usercentrics.eu
helpotus.com
maffuall.work
helpotus.com
maffuall.work
2600:1901:0:5987::
2600:1901:0:c07c::
63.250.43.137
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
01c98d0b42ebc6e82182aa60eef96a377a82208b0a5c34f3cae929751276b5fa
08ca3eb2d56d2ac4730bcd56fc57fb2d0a661489d16eb3a408232dc70fa02cd0
12976fc1470cc894e4cde79b4837efb12fcacfc0442fcc9b4d28dc22b6a22e5f
171080b56456b8852b6ed884ac2deac230314d97d82041db16022989942f4f3d
305948d72ce8577a386f77079dacdb6841f18668f64cc7865a196a0624e5b5a8
3b513c80e1570b67f86e93227a47ef058ff7ecb5a0254df411d14e3c7be81603
475f12eb22b72af14086052c4dce2cdd331230ac9041163cfed2f64da530bd42
4a0a7668aaa847d33f49023d0982c6331bc9705cad2586eccb8086a680ef534c
55f35370ae3a477b9c901ceec86626a82ade6cd8450de9379093d8068aecce8b
6255fc0e2696d1467de2307bb103e9f3824785448a10b843dbba016f4923b929
73a5f7c390a84dd606e6211a774af311bc3ce5be35ec6bba7f23ad591bc46a11
76c784ae844d93674c22dd9ca5124e99f04e00363f5381e79e44a40e8f440bfb
963713702294c12c60ee25875eac53286b39cd67cadbdd27fe7048444cab82bb
9d0ce0dd87e2d9bc4171914be7b288f8388ce7c26dc58e0a465a82760e899914
b5830f800a89c19deb7763881cabba52e7b617ea74b983aa4f8a95bb06b83454
bc872a6a4c9a3d0c34a7f387b930bca9353c96037a25b7dc82955c461ee45345
dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0
e2b9a23aadb46a74b709006a12296ac104ecee06ae090b6e9432f5e3910bc704
e5cb35bd410aba4b717a1cc46814a88b50ff311f9514630dffa3480cb43b92e0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb6ebe23316c03fd8d25e871bfdd9c41eb77e14115f5a01e3e0d97b94617779e
fe49cb0211e003703da8c87102bbafea69c336a6518fe71c64d7e0ca7d04a690
fef9c4d4b00444664dd069eb5f5a888b9e545d0bed793d0e9eab0a75778b3870

maffuall.work Open in urlscan Pro 63.250.43.137 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

29 %HTTPS

67 %IPv6

3 Domains

4 Subdomains

4 IPs

1 Countries

1220 kBTransfer

5047 kBSize

0 Cookies

0 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

maffuall.work Open in urlscan Pro
63.250.43.137 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

29 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

1220 kB
Transfer

5047 kB
Size

0
Cookies

52 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!