mijn.ingappactivatie.nl Open in urlscan Pro
185.201.10.61 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mijn.ingappactivatie.nl/
Effective URL:
https://mijn.ingappactivatie.nl/portal/login
Submission: On May 31 via manual (May 31st 2019, 4:53:26 pm UTC) from NL

Summary HTTP 23 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 185.201.10.61, located in United States and belongs to AS-HOSTINGER, LT. The main domain is mijn.ingappactivatie.nl.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 31st 2019. Valid for: 3 months.

This is the only time mijn.ingappactivatie.nl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address	AS Autonomous System
4 24	185.201.10.61 185.201.10.61	47583 (AS-HOSTINGER) (AS-HOSTINGER)
3 6	184.31.87.127 184.31.87.127	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
23	2

24 185.201.10.61 (United States) 4 redirects

ASN47583 (AS-HOSTINGER, LT)

mijn.ingappactivatie.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.31.87.127 (Netherlands) 3 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-87-127.deploy.static.akamaitechnologies.com

www.ing.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ingappactivatie.nl 4 redirects mijn.ingappactivatie.nl	109 KB
6	ing.nl 3 redirects www.ing.nl	1 KB
23	2

	Domain	Requested by
24	mijn.ingappactivatie.nl	4 redirects mijn.ingappactivatie.nl
6	www.ing.nl	3 redirects mijn.ingappactivatie.nl
23	2

This site contains links to these domains. Also see Links.

Domain
inlogcodes.mijn.ing.nl
aanvragen.ing.nl
www.ing.nl

Subject Issuer	Validity	Valid
mijn.ingappactivatie.nl Let's Encrypt Authority X3	`2019-05-31` - `2019-08-29`	3 months	crt.sh
www.ing.nl Entrust Certification Authority - L1M	`2019-03-29` - `2021-04-30`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://mijn.ingappactivatie.nl/portal/login
Frame ID: ABE598BA0FE4CD620D47B35FD6776B07
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mijn.ingappactivatie.nl/ HTTP 302
https://mijn.ingappactivatie.nl/portal/login Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

109 kB
Transfer

203 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://inlogcodes.mijn.ing.nl/particulier/zelf-regelen/instellen/inlogcodes/index.jsp
Title: Wachtwoord en/of gebruikersnaam vergeten?

Search URL Search Domain Scan URL

URL: https://aanvragen.ing.nl/particulier/aanvragen/aanvraagframe.html
Title: Mijn ING Particulier aanvragen

Search URL Search Domain Scan URL

URL: https://www.ing.nl/zakelijk/internetbankieren/internetbankieren/mijn-ing-zakelijk/mijn-ing-zakelijk-aanvragen/index.html
Title: Mijn ING Zakelijk aanvragen

Search URL Search Domain Scan URL

URL: https://www.ing.nl/particulier/klantenservice/index.html
Title: Contact met ING Particulier

Search URL Search Domain Scan URL

URL: https://www.ing.nl/zakelijk/klantenservice/contact/index.html
Title: Contact met ING Zakelijk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mijn.ingappactivatie.nl/ HTTP 302
https://mijn.ingappactivatie.nl/portal/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://mijn.ingappactivatie.nl/login/assets/images/icons/menu-close.svg HTTP 302
https://www.ing.nl/ HTTP 301
https://www.ing.nl/particulier/index.html

Request Chain 3

https://mijn.ingappactivatie.nl/login/assets/images/illustratie_algemenestoring.png HTTP 302
https://www.ing.nl/ HTTP 301
https://www.ing.nl/particulier/index.html

Request Chain 4

https://mijn.ingappactivatie.nl/login/assets/images/icons/arrow-chevron-open-right.svg HTTP 302
https://www.ing.nl/ HTTP 301
https://www.ing.nl/particulier/index.html

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response mijn.ingappactivatie.nl/portal/ Redirect Chain https://mijn.ingappactivatie.nl/ https://mijn.ingappactivatie.nl/portal/login	10 KB 2 KB	131ms 131ms	Document text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/portal/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `a5e8dd3f52835047245467bcc00fc9147d1b65355774e82596b65e2dff61ff1b` Request headers :method GET :authority mijn.ingappactivatie.nl :scheme https :path /portal/login pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 accept-encoding gzip, deflate, br cookie PHPSESSID=6d32b4b62fa34a00ea758c69b011978e Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 x-powered-by PHP/7.2.17 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-type text/html; charset=UTF-8 content-encoding br vary Accept-Encoding date Fri, 31 May 2019 16:53:06 GMT alt-svc quic=":443"; ma=2592000; v="35,39,43,44" Redirect headers status 302 x-powered-by PHP/7.2.17 set-cookie PHPSESSID=6d32b4b62fa34a00ea758c69b011978e; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-cache, no-store, must-revalidate, max-age=0 pragma no-cache location /portal/login content-type text/html; charset=UTF-8 content-length 0 date Fri, 31 May 2019 16:53:06 GMT alt-svc quic=":443"; ma=2592000; v="35,39,43,44"
GET H2	200	ing-logo.svg mijn.ingappactivatie.nl/public/iznzg/images/svg/	11 KB 5 KB	120ms 118ms	Image image/svg+xml	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://mijn.ingappactivatie.nl/public/iznzg/images/svg/ing-logo.svg Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/portal/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / Resource Hash `0112b42c9e5b4fd46836aad6ad032bb82cc80af2f4236eaeb39dca8f441e4a87` Request headers Referer https://mijn.ingappactivatie.nl/portal/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 16:53:06 GMT content-encoding br last-modified Fri, 31 May 2019 11:26:48 GMT etag "2ddf-5cf10f78-d9121e8615be88ae;br" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 4613 expires Fri, 07 Jun 2019 16:53:06 GMT
GET H/1.1	200 OK	index.html www.ing.nl/particulier/ Redirect Chain https://mijn.ingappactivatie.nl/login/assets/images/icons/menu-close.svg https://www.ing.nl/ https://www.ing.nl/particulier/index.html	0 0	58ms 57ms	Image text/html	184.31.87.127 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.ing.nl/particulier/index.html Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/portal/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.87.127 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a184-31-87-127.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://mijn.ingappactivatie.nl/portal/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers Date Fri, 31 May 2019 16:53:06 GMT X-Content-Type-Options nosniff Server AkamaiGHost X-Frame-Options SAMEORIGIN Location https://www.ing.nl/particulier/index.html Connection keep-alive Strict-Transport-Security max-age=31622400; includeSubDomains Content-Length 0 X-XSS-Protection 1; mode=block
GET H2	200	arrow-chevron-open-right.svg mijn.ingappactivatie.nl/public/iznzg/images/	366 B 308 B	132ms 131ms	Image image/svg+xml	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://mijn.ingappactivatie.nl/public/iznzg/images/arrow-chevron-open-right.svg Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/portal/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / Resource Hash `c40c32284db736cf15432a4da1684b391bb82d244589b2001f83a4cbd8e984bb` Request headers Referer https://mijn.ingappactivatie.nl/portal/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 16:53:06 GMT content-encoding br last-modified Fri, 31 May 2019 11:23:39 GMT etag "16e-5cf10ebb-8e4a7b251535d6e3;br" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 225 expires Fri, 07 Jun 2019 16:53:06 GMT
GET H/1.1	200 OK	index.html www.ing.nl/particulier/ Redirect Chain https://mijn.ingappactivatie.nl/login/assets/images/illustratie_algemenestoring.png https://www.ing.nl/ https://www.ing.nl/particulier/index.html	0 0	60ms 60ms	Image text/html	184.31.87.127 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.ing.nl/particulier/index.html Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/portal/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.87.127 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a184-31-87-127.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://mijn.ingappactivatie.nl/portal/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers Date Fri, 31 May 2019 16:53:06 GMT X-Content-Type-Options nosniff Server AkamaiGHost X-Frame-Options SAMEORIGIN Location https://www.ing.nl/particulier/index.html Connection keep-alive Strict-Transport-Security max-age=31622400; includeSubDomains Content-Length 0 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	index.html www.ing.nl/particulier/ Redirect Chain https://mijn.ingappactivatie.nl/login/assets/images/icons/arrow-chevron-open-right.svg https://www.ing.nl/ https://www.ing.nl/particulier/index.html	0 0	59ms 59ms	Image text/html	184.31.87.127 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.ing.nl/particulier/index.html Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/portal/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.87.127 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a184-31-87-127.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://mijn.ingappactivatie.nl/portal/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers Date Fri, 31 May 2019 16:53:06 GMT X-Content-Type-Options nosniff Server AkamaiGHost X-Frame-Options SAMEORIGIN Location https://www.ing.nl/particulier/index.html Connection keep-alive Strict-Transport-Security max-age=31622400; includeSubDomains Content-Length 0 X-XSS-Protection 1; mode=block
GET H2	200	main.css mijn.ingappactivatie.nl/public/iznzg/css/	17 KB 4 KB	132ms 130ms	Stylesheet text/css	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/public/iznzg/css/main.css?rev=0.7.0 Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/portal/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / Resource Hash `705807587659d130661a614c622c2ce3de64412979e83daaaf7ac49a7d913b4a` Request headers Referer https://mijn.ingappactivatie.nl/portal/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 16:53:06 GMT content-encoding br last-modified Fri, 31 May 2019 11:23:29 GMT etag "42fe-5cf10eb1-3399557d98177419;br" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 3747 expires Fri, 07 Jun 2019 16:53:06 GMT
GET H2	200	jquery-3.3.1.min.js Show response mijn.ingappactivatie.nl/public/iznzg/js/	85 KB 29 KB	132ms 131ms	Script application/x-javascript	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/portal/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers Referer https://mijn.ingappactivatie.nl/portal/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 16:53:06 GMT content-encoding br last-modified Fri, 31 May 2019 11:23:50 GMT etag "1538f-5cf10ec6-e6b90ffd0edae364;br" vary Accept-Encoding content-type application/x-javascript status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 29708 expires Fri, 07 Jun 2019 16:53:06 GMT
GET H2	200	811383197.svg mijn.ingappactivatie.nl/public/iznzg/css/css-resources/	21 KB 9 KB	119ms 119ms	Image image/svg+xml	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://mijn.ingappactivatie.nl/public/iznzg/css/css-resources/811383197.svg Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/portal/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / Resource Hash `3e5c9215408174cff78c491ad0cd933f2cf7c21bdaf61d71abac85e49f901fd2` Request headers Referer https://mijn.ingappactivatie.nl/public/iznzg/css/main.css?rev=0.7.0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 16:53:06 GMT content-encoding br last-modified Fri, 31 May 2019 11:26:31 GMT etag "5346-5cf10f67-605c0d53daba16e6;br" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 9172 expires Fri, 07 Jun 2019 16:53:06 GMT
GET H2	200	1224525800.woff2 mijn.ingappactivatie.nl/public/iznzg/css/css-resources/	30 KB 30 KB	127ms 126ms	Font font/woff2	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/public/iznzg/css/css-resources/1224525800.woff2 Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/portal/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / Resource Hash `3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://mijn.ingappactivatie.nl/public/iznzg/css/main.css?rev=0.7.0 Origin https://mijn.ingappactivatie.nl Response headers date Fri, 31 May 2019 16:53:06 GMT last-modified Fri, 31 May 2019 11:26:15 GMT etag "76f8-5cf10f57-b96c135b883c52de;;;" content-type font/woff2 status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 30456 expires Fri, 07 Jun 2019 16:53:06 GMT
GET H2	200	_388920554.woff2 mijn.ingappactivatie.nl/public/iznzg/css/css-resources/	29 KB 29 KB	127ms 126ms	Font font/woff2	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/public/iznzg/css/css-resources/_388920554.woff2 Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/portal/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / Resource Hash `f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://mijn.ingappactivatie.nl/public/iznzg/css/main.css?rev=0.7.0 Origin https://mijn.ingappactivatie.nl Response headers date Fri, 31 May 2019 16:53:06 GMT last-modified Fri, 31 May 2019 11:26:36 GMT etag "73b0-5cf10f6c-59625a4dace97c57;;;" content-type font/woff2 status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 29616 expires Fri, 07 Jun 2019 16:53:06 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 50 B	120ms 120ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:07 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 50 B	144ms 143ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:09 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 50 B	155ms 155ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:10 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 89 B	127ms 126ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:11 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 90 B	120ms 119ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:12 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 50 B	563ms 562ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:13 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 90 B	121ms 119ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:15 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 50 B	127ms 123ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:16 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 90 B	124ms 121ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:17 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 90 B	127ms 125ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:18 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 89 B	130ms 130ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:19 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	heartbeat Show response mijn.ingappactivatie.nl/	0 50 B	120ms 120ms	XHR text/html	185.201.10.61 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://mijn.ingappactivatie.nl/heartbeat Requested by Host: mijn.ingappactivatie.nl URL: https://mijn.ingappactivatie.nl/public/iznzg/js/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.201.10.61 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software / PHP/7.2.17 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://mijn.ingappactivatie.nl/portal/login Origin https://mijn.ingappactivatie.nl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 16:53:20 GMT x-powered-by PHP/7.2.17 content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mijn.ingappactivatie.nl/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6d32b4b62fa34a00ea758c69b011978e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mijn.ingappactivatie.nl
www.ing.nl
184.31.87.127
185.201.10.61
0112b42c9e5b4fd46836aad6ad032bb82cc80af2f4236eaeb39dca8f441e4a87
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e
3e5c9215408174cff78c491ad0cd933f2cf7c21bdaf61d71abac85e49f901fd2
705807587659d130661a614c622c2ce3de64412979e83daaaf7ac49a7d913b4a
a5e8dd3f52835047245467bcc00fc9147d1b65355774e82596b65e2dff61ff1b
c40c32284db736cf15432a4da1684b391bb82d244589b2001f83a4cbd8e984bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155

mijn.ingappactivatie.nl Open in urlscan Pro 185.201.10.61 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

109 kBTransfer

203 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

1 Cookies

Indicators

mijn.ingappactivatie.nl Open in urlscan Pro
185.201.10.61 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

109 kB
Transfer

203 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!