agbs-push.de
2a06:98c1:3121::3  Malicious Activity! Public Scan

Submitted URL: https://nxgturl.com/UADSZ
Effective URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Submission: On October 23 via manual from DE — Scanned from DE

Summary

This website contacted 2 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is agbs-push.de.
TLS certificate: Issued by GTS CA 1P5 on September 22nd 2023. Valid for: 3 months.
This is the only time agbs-push.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 107.189.8.23 53667 (PONYNET)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
5 20 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2a02:26f0:480... 20940 (AKAMAI-ASN1)
20 2
Apex Domain | Subdomains | Transfer
22 agbs-push.de | agbs-push.de | 183 KB
5 ing.de | cdn.ing.de (Cisco Umbrella Rank: 369638) | 212 KB
1 service-rule.lol | service-rule.lol | 771 B
1 nxgturl.com | nxgturl.com | 399 B
20 4
Domain Requested by
22 agbs-push.de 7 redirects agbs-push.de
5 cdn.ing.de agbs-push.de
cdn.ing.de
1 service-rule.lol 1 redirects
1 nxgturl.com 1 redirects
20 4

This site contains no links.

Subject | Issuer | Validity | Valid
agbs-push.de | GTS CA 1P5 | 2023-09-22 - 2023-12-21 | 3 months
www.ing-diba.de | Entrust Certification Authority - L1M | 2023-03-21 - 2024-04-20 | a year

This page contains 1 frames:

Primary Page: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Frame ID: 17D38C3AF9AD388C8927C84FF24D9822
Requests: 20 HTTP requests in this frame

Page Title

ING Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 80 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 3
Transfer: 391 kB
Size: 1491 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nxgturl.com/UADSZ HTTP 301
    https://service-rule.lol/Mksx9B HTTP 302
    https://agbs-push.de/ing HTTP 301
    http://agbs-push.de/ing/ HTTP 301
    https://agbs-push.de/ing/ HTTP 302
    https://agbs-push.de/ing_de HTTP 301
    http://agbs-push.de/ing_de/ HTTP 301
    https://agbs-push.de/ing_de/ HTTP 302
    https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/?8583ef973800225604fe1395ce725f1d HTTP 302
    https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/
Redirect Chain
  • https://nxgturl.com/UADSZ
  • https://service-rule.lol/Mksx9B
  • https://agbs-push.de/ing
  • http://agbs-push.de/ing/
  • https://agbs-push.de/ing/
  • https://agbs-push.de/ing_de
  • http://agbs-push.de/ing_de/
  • https://agbs-push.de/ing_de/
  • https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/?8583ef973800225604fe1395ce725f1d
  • https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
20 KB
7 KB
Document
General
Full URL
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccb515fbbcf90c1786f3e802cd7fcfae39bf78f89e20007950ec58e924e69b2e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81a91a01eefe2bea-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 23 Oct 2023 09:54:56 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlPa%2BqWPmdc8CtVxz76FNG8i4JiANrz4AGplt3hhZlzoz3BipTVTFGwC%2B%2B26SiXVmJ%2FBKyh01OjI5GcO8TsGuxGRVd3jjtfYaEHkcyitKGIKM7vijTpfxw9ZQekO8IRscjTg74%2FAr%2FGHRGI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81a91a01cede2bea-FRA
content-type
text/html; charset=UTF-8
date
Mon, 23 Oct 2023 09:54:56 GMT
location
login/?8583ef973800225604fe1395ce725f1d
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qatl73CJgFtp2kG6eF7stw3rMdVtkzFGYacSnys2aKVmhd645EQqW6OHo7jHaq8pF9M1CnLhjy2fsGciKUw2oE%2FiJy6MlTIApljyagsXNTPsSUjCu8ztZPZ1Z6GZ4FfXvgNY9IlmTTxn%2BpY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
jquery.min.js
agbs-push.de/ing_de/bower_components/jquery/dist/
85 KB
31 KB
Script
General
Full URL
https://agbs-push.de/ing_de/bower_components/jquery/dist/jquery.min.js
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 05 Jun 2017 03:55:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15283-5512e77ee3a80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05X9X4ex%2F7howvjMeD6PmbWTC7%2F0hLN9Xw%2BP6hbAn00WoO%2B7A9rHh147CK5KgrI0YnJKxynC%2Bv6NWyb%2F8QA7o7O8vDp7zXSo9ChJ%2BSpwtDiyr%2BIv1gbftRh36IF6HFnQdIvOohUoSaKL%2BuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81a91a023f542bea-FRA
alt-svc
h3=":443"; ma=86400
ua-parser.min.js
agbs-push.de/ing_de/bower_components/ua-parser-js/dist/
17 KB
7 KB
Script
General
Full URL
https://agbs-push.de/ing_de/bower_components/ua-parser-js/dist/ua-parser.min.js
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 12 Oct 2017 08:16:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4298-55b5527f0e600-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQCNjpdWIyvKRwO02CaVcCF2%2BEu3TKMFnnKPyFyjVyKGAgOVAeqcewG3xL9tbNR5BlTeWmynpqk6HKqblq0FH2g9Hy0smUxkH4locfUMI6igP7x9JuMIm9yFbHPmWuoc5DqIFzpn5Qs04CI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81a91a024f5c2bea-FRA
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
agbs-push.de/ing_de/bower_components/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://agbs-push.de/ing_de/bower_components/font-awesome/css/font-awesome.min.css
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 09 Apr 2017 04:29:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7918-54cb44da47100-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgN4hCNEgKK%2BeTzk08w4GML5BUCQinBvfrRDXRWQ2P%2FZ%2F%2BXTeZN%2Bdsf3%2B0w6Is6aSYHORKUfRVa%2F%2BfgEDM5xFoeieeo3rFIFjswy7YeNcxDEpclTM09GOatVr%2BbW2oKQQ4jC%2FoXtZA9wbLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
81a91a024f5d2bea-FRA
alt-svc
h3=":443"; ma=86400
core_form.js
agbs-push.de/ing_de/core/form/
17 KB
5 KB
Script
General
Full URL
https://agbs-push.de/ing_de/core/form/core_form.js
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f96e82a2c4e6511ca5b851714850cc698b3e43a978efa16d646a6180ea502e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 04 Sep 2023 10:56:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4533-604865e827280-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTldswhl2NwUSNln9WGCtZGrxxcCDaKh6ggFiFqcaQSn0mEOFuhhwiqr7X%2F6hZQybJaZGEv4aIHPaQN8yc40ItkqbeayAGPrKJWk1rLNQHqJHYm6QsPQv3I%2F1i9SGm53M5M3JLbpitdAunc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81a91a024f5e2bea-FRA
alt-svc
h3=":443"; ma=86400
core_token.js
agbs-push.de/ing_de/core/token/
11 KB
2 KB
Script
General
Full URL
https://agbs-push.de/ing_de/core/token/core_token.js
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e4db3b6b29c51abc6fc9b0e912b2b9776d36a18ba28e2a19b9ec277d2c676f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 04 Sep 2023 10:57:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2aea-60486606aba80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFXZeNtG73r58jzZbKEUQLY1z0tnfBHYYgPiTHGBl7B9eMcLBZUYDI7I%2F9c7GA1XXnnaU4RTy0bxrUUws%2Bzos4I1awUoBJRvpPabdHPU5tKpK5Wr29xZlpORFfyu1RH7QbkZ0QgUP3ru8HE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81a91a024f602bea-FRA
alt-svc
h3=":443"; ma=86400
core_form.css
agbs-push.de/ing_de/core/form/
3 KB
1 KB
Stylesheet
General
Full URL
https://agbs-push.de/ing_de/core/form/core_form.css
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1780e1dd7d40617aa6e101b01a74452c0efad8a64c71685b97839a7a40b2e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 12 Feb 2020 14:02:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"abe-59e616b135a40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKjQInmptSmjQikhHHB7dQJtEockeT09OzTPwk7Ow7cXPuxN76wnaUemNjk0n9kKpFJynOx%2FHuTPNbW%2FgC%2F1JFqmlQseK%2FC5NoNvG0KReTrx4gbTGWvoywD5e1NU7tdgeuKFg5Qg2T5B%2FiE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
81a91a024f612bea-FRA
alt-svc
h3=":443"; ma=86400
css.css
agbs-push.de/ing_de/login/form/
170 B
578 B
Stylesheet
General
Full URL
https://agbs-push.de/ing_de/login/form/css.css
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcbed16c6d4e1f9eec441b2b6300e0e0df3c6bcd060bbc1042aff007aa1fd16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 12 Feb 2020 10:30:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"aa-59e5e76838b00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdM6IkNd1NYWXXDe6m%2BSF9nGzzxBr4WWqEMfNY64egTRYIQ6P9IW68xnklo%2FNFQ1XbNGC5tLdiOUwyrlqGtRzZCI1vijXoQPRXy7t3xqAXtKY0agpN73Yl61ZogkCShK2NtlS0yD%2Bo42oz8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
81a91a024f632bea-FRA
alt-svc
h3=":443"; ma=86400
bundle.ibbr.css
cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/
1 MB
114 KB
Stylesheet
General
Full URL
https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5b4::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0e998713074144887a342f25b4d4b4739ddb8bbc2502e2ed710e8c527b9eb465
Security Headers
Name Value
Content-Security-Policy default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31622400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31622400; includeSubDomains; preload
date
Mon, 23 Oct 2023 09:54:57 GMT
akamai-cache-status
Hit from child
content-length
116011
x-xss-protection
1; mode=block
last-modified
Thu, 14 Jul 2022 06:24:22 GMT
etag
"62cfb696-1c52b"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
cache-control
max-age=170364
x-ing-response-id
93c8d977-7887-41fd-90a9-bcf981e7ef7e
expires
Wed, 25 Oct 2023 09:14:21 GMT
email-decode.min.js
agbs-push.de/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://agbs-push.de/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2023 11:32:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652d1f47-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0zDgfDWYm%2BqTNKd%2BM%2BTtZc1TOH3ew%2BoBnKFIb7kuoU07oQuXpgUv8O4pUPB78udT9VGVkc7k4Z6tYX4mefQ249%2Fw38vjBpEmu27q%2BWjsysQmKgGQB%2FS6HgrIdhPukFRk6UnES8L78liewM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
81a91a024f642bea-FRA
expires
Wed, 25 Oct 2023 09:54:57 GMT
form.js
agbs-push.de/ing_de/login/form/
3 KB
1 KB
Script
General
Full URL
https://agbs-push.de/ing_de/login/form/form.js?v=653642f0ef6c8
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 06 Dec 2019 19:03:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"bf7-5990db53f4380-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5LaX7pKxDZcQIu5dTA8jTNUM0SexYvYD5MoNXeYW7NBaUgS2H0ZAN3Yg%2Ble6LF2WnsD%2FSkhXkyq8nRrAnV2XufOEwHZy2lUc1nPMPh5u6p4l88agq%2BuSvz3Z3nfL80qQ8MD%2BCUyfOAefdM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81a91a024f652bea-FRA
alt-svc
h3=":443"; ma=86400
token.js
agbs-push.de/ing_de/login/token/
1 KB
1 KB
Script
General
Full URL
https://agbs-push.de/ing_de/login/token/token.js?v=653642f0ef6c9
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76be7e43c2d0433197244f7eab5a9e3e359bfc3d8bd66bb8717effa5c686fa72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 02 Jul 2022 17:41:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5a7-5e2d601956540-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjr6tb1ZfdaNRIvNpMccEI%2FgA2e9NbZtINJVwrvB8RF3SrzCXppRCo5Uuz2gp1VMc4EwF%2Fqdr1X%2BBDwQw%2FkIL6V72gLzNcZD2sN8j1J3fkuYqXtkFtzAMQYr3W7udAb927YIAUFguLjyhkU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81a91a024f672bea-FRA
alt-svc
h3=":443"; ma=86400
ING_Deutschland_NoClaim.svg
cdn.ing.de/ing-feat-uilib-de/6.5.45/images/
16 KB
6 KB
Image
General
Full URL
https://cdn.ing.de/ing-feat-uilib-de/6.5.45/images/ING_Deutschland_NoClaim.svg
Requested by
Host: cdn.ing.de
URL: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5b4::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31622400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31622400; includeSubDomains; preload
date
Mon, 23 Oct 2023 09:54:58 GMT
akamai-cache-status
Hit from child
content-length
5166
x-xss-protection
1; mode=block
last-modified
Thu, 14 Jul 2022 06:24:22 GMT
etag
"62cfb696-142e"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
cache-control
max-age=82505
x-ing-response-id
617f73ff-1f94-4503-a9a5-efdf3880e176
expires
Tue, 24 Oct 2023 08:50:03 GMT
INGMeWeb-Bold.woff2
cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/
30 KB
30 KB
Font
General
Full URL
https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/INGMeWeb-Bold.woff2
Requested by
Host: cdn.ing.de
URL: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5b4::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31622400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
Origin
https://agbs-push.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31622400; includeSubDomains; preload
date
Mon, 23 Oct 2023 09:54:57 GMT
akamai-cache-status
Hit from child
content-length
30436
x-xss-protection
1; mode=block
last-modified
Thu, 14 Jul 2022 06:24:22 GMT
etag
"62cfb696-76e4"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
cache-control
max-age=155306
x-ing-response-id
b8c3c388-4372-4268-95de-247e2d01162a
expires
Wed, 25 Oct 2023 05:03:23 GMT
INGMeWeb-Regular.woff2
cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/
29 KB
30 KB
Font
General
Full URL
https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/INGMeWeb-Regular.woff2
Requested by
Host: cdn.ing.de
URL: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5b4::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155
Security Headers
Name Value
Content-Security-Policy default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31622400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
Origin
https://agbs-push.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31622400; includeSubDomains; preload
date
Mon, 23 Oct 2023 09:54:57 GMT
akamai-cache-status
Hit from child
content-length
29588
x-xss-protection
1; mode=block
last-modified
Thu, 14 Jul 2022 06:24:22 GMT
etag
"62cfb696-7394"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
cache-control
max-age=96178
x-ing-response-id
9dc6f03e-8f08-4601-9236-576a970e087d
expires
Tue, 24 Oct 2023 12:37:55 GMT
icons.woff
cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/
32 KB
32 KB
Font
General
Full URL
https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/icons.woff
Requested by
Host: cdn.ing.de
URL: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5b4::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
305948d72ce8577a386f77079dacdb6841f18668f64cc7865a196a0624e5b5a8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31622400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
Origin
https://agbs-push.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31622400; includeSubDomains; preload
date
Mon, 23 Oct 2023 09:54:57 GMT
akamai-cache-status
Hit from child
content-length
32210
x-xss-protection
1; mode=block
last-modified
Thu, 14 Jul 2022 06:24:22 GMT
etag
"62cfb696-7dd2"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
cache-control
max-age=96081
x-ing-response-id
f85fffcd-16af-49e6-bd6b-2549b5b571e4
expires
Tue, 24 Oct 2023 12:36:18 GMT
logo.svg
agbs-push.de/ing_de/
16 KB
6 KB
Image
General
Full URL
https://agbs-push.de/ing_de/logo.svg
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Oct 2022 21:37:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3f1d-5ec0af104b940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUj%2FB0HYGiMeeZnEed7GXojvLZlxgZmWKOuSdxslRlceuba1xYHGEhitIpDgHgutgGooewl5nS8iX8aNw%2Fv8vYT9cqHRrCNKx%2Bsq8sMYb5W%2Fs3MG0JHYRnoxPBDI3J8UW0U5DSHNB4mtox4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
81a91a080d642bea-FRA
alt-svc
h3=":443"; ma=86400
ajax_loader.gif
agbs-push.de/ing_de/
108 KB
109 KB
Image
General
Full URL
https://agbs-push.de/ing_de/ajax_loader.gif
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c26b8cb61b3181277f756e4960fa073cc2c2c7c0e43dbbcd0a805a6657308ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Oct 2022 21:53:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1b1eb-5ec0b2b8cdac0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuoAsHEQzA2%2FV02p3v3mzBJRa30mCPcU34RKW5vGpWSrK6%2F6XxM3U0K%2BhFH7jbnjcQOo9dlhBkImfAdnw%2FftcwiJlpwgEAEVE5KuyLDnT7xJbaLoYcFWn0ZPfQD4gczIcEfH9NjlmYVNJXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81a91a080d662bea-FRA
alt-svc
h3=":443"; ma=86400
content-length
111083
gate.php
agbs-push.de/DE-Panel/
57 B
455 B
XHR
General
Full URL
https://agbs-push.de/DE-Panel/gate.php?pl=token&link=ING_DE&bid=.0068436be311510338d7f731bb3d8828&callback=jQuery32109127936220915054_1698054897076&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1698054897077
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/bower_components/jquery/dist/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980866f86ea8cfabe6be6357239a02976cd90dd112abb111da628af738d5f9a6

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUSS7Mj21VXvfYc91XSOqkpZzUv03%2FPu1sIhDE93AvI46RPLSex1KmYOAtRyutFvCvfK2cCRwiVPe2R%2Fkdtvria6lhHRVuNFIDsCRcd%2B5UHElnmeZUQsiALVu3rNYDjyZqUZwkKwGfs8gAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
81a91a080d6f2bea-FRA
alt-svc
h3=":443"; ma=86400
gate.php
agbs-push.de/DE-Panel/
57 B
457 B
XHR
General
Full URL
https://agbs-push.de/DE-Panel/gate.php?pl=token&link=ING_DE&bid=.0068436be311510338d7f731bb3d8828&callback=jQuery32109127936220915054_1698054897078&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1698054897079
Requested by
Host: agbs-push.de
URL: https://agbs-push.de/ing_de/bower_components/jquery/dist/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb352aec8d94e16ab62f9d9ca206f91ade0a3836ea7d86b2b977033a9213e110

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://agbs-push.de/ing_de/.0068436be311510338d7f731bb3d8828/login/?8583ef973800225604fe1395ce725f1d
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 09:54:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agisJEp3SzMlSCTQtHahs5T%2BL6%2FELS3hIO3lcFbX9n6wYpZIp4LaJkXYYDP5x01xq0u5ys6Y4fARQyJAfFjCECaoEGdWE8MmSgGq%2FkRueQgWmoLk5Ij2Df8h66V6Nh%2BWaposkR%2BBa1O8%2FtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
81a91a080d722bea-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
function| UAParser
function| save_logs__
function| save_logs_done__
function| ask_login_proxy
function| ask_info_proxy
function| ask_cc_proxy
function| ask_email_proxy
function| ask_sms_proxy
function| ask_push_proxy
function| next__
function| finish__
function| set_event
function| def_plugin_data_receiver
function| deep_json_parse
object| cookies
function| lock_redirect
function| advanced_string_validation
function| sin_luhn
function| cc_luhn
function| dob_luhn
function| exp_with_day_luhn
function| exp_luhn
function| qasame__
function| valid_a
function| valid_q
function| EN
function| send1
object| bider_obj
object| last_respond
undefined| last_operation
object| respond
function| change
function| isNumber
string| bid
object| php_js
object| loader_
string| el
object| CORE__
object| REST_FN__
number| bidder_timer

6 Cookies

Domain/Path Name / Value
agbs-push.de/ing_de Name: real
Value: OK
nxgturl.com/ Name: PHPSESSID
Value: 01c8ucluk3m58oq33dscq8c8td
nxgturl.com/ Name: short_214
Value: 1
service-rule.lol/ Name: _subid
Value: ema71v9bg
service-rule.lol/ Name: bce7d
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3XCI6MTY5ODA1NDg5NX0sXCJjYW1wYWlnbnNcIjp7XCI2XCI6MTY5ODA1NDg5NX0sXCJ0aW1lXCI6MTY5ODA1NDg5NX0ifQ.Rg1PqAv1zn3YCMBBjNM1uuvSdyPUnAxeX8Q9vflgVrI
agbs-push.de/ Name: bid
Value: .0068436be311510338d7f731bb3d8828

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
