klarna-zahlung2024.app Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://klarna-zahlung2024.app/ing
Effective URL:
https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Submission: On April 29 via manual (April 29th 2024, 6:50:00 am UTC) from DE — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is klarna-zahlung2024.app.
TLS certificate: Issued by GTS CA 1P5 on April 25th 2024. Valid for: 3 months.

This is the only time klarna-zahlung2024.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ING Group (Banking)

Domain & IP information

	IP Address	AS Autonomous System
5 20	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:350... 2a02:26f0:3500:892::18de	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	185.142.178.10 185.142.178.10	48545 (ING-DIBA-...) (ING-DIBA-AG-AS)
22	3

20 188.114.97.3 (Amsterdam, Netherlands) 5 redirects

ASN13335 (CLOUDFLARENET, US)

klarna-zahlung2024.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:892::18de (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.ing.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.142.178.10 (Frankfurt am Main, Germany)

ASN48545 (ING-DIBA-AG-AS, DE)

access.ing.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	klarna-zahlung2024.app 5 redirects klarna-zahlung2024.app	181 KB
7	ing.de cdn.ing.de — Cisco Umbrella Rank: 322565 access.ing.de — Cisco Umbrella Rank: 313424	221 KB
22	2

	Domain	Requested by
20	klarna-zahlung2024.app	5 redirects klarna-zahlung2024.app
5	cdn.ing.de	klarna-zahlung2024.app cdn.ing.de
2	access.ing.de
22	3

This site contains no links.

Subject Issuer	Validity	Valid
klarna-zahlung2024.app GTS CA 1P5	`2024-04-25` - `2024-07-24`	3 months	crt.sh
www.ing-diba.de Entrust Certification Authority - L1M	`2024-03-19` - `2025-04-19`	a year	crt.sh
access.ing.de Entrust Certification Authority - L1M	`2024-04-22` - `2025-04-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Frame ID: 448FA4FB140ED8797434B1D45BEE7723
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ING Login

Page URL History Show full URLs

https://klarna-zahlung2024.app/ing HTTP 301
http://klarna-zahlung2024.app/ing/ HTTP 307
https://klarna-zahlung2024.app/ing/ HTTP 302
https://klarna-zahlung2024.app/ing_de HTTP 301
http://klarna-zahlung2024.app/ing_de/ HTTP 307
https://klarna-zahlung2024.app/ing_de/ HTTP 302
https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/?63efb97f8de8b9420301c28c451a92a7 HTTP 302
https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

400 kB
Transfer

1498 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://klarna-zahlung2024.app/ing HTTP 301
http://klarna-zahlung2024.app/ing/ HTTP 307
https://klarna-zahlung2024.app/ing/ HTTP 302
https://klarna-zahlung2024.app/ing_de HTTP 301
http://klarna-zahlung2024.app/ing_de/ HTTP 307
https://klarna-zahlung2024.app/ing_de/ HTTP 302
https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/?63efb97f8de8b9420301c28c451a92a7 HTTP 302
https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/
Redirect Chain

https://klarna-zahlung2024.app/ing
http://klarna-zahlung2024.app/ing/
https://klarna-zahlung2024.app/ing/
https://klarna-zahlung2024.app/ing_de
http://klarna-zahlung2024.app/ing_de/
https://klarna-zahlung2024.app/ing_de/
https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/?63efb97f8de8b9420301c28c451a92a7
https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7

20 KB
7 KB

88ms
88ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 283a1b224b74acc7396212b11bf200dd03787cb699b4465e6146c85a11a9eb9f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 87bd5adc48791cc3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 06:49:55 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4QDJwGotSCIrkb3vxNoRrxgYY7UQ%2BA8TDHkzEIOomL%2B2A6h4Z3r8xquvAf3oqt3iPKT0KzY1dhgNsGcZ6u1AZK%2BYsvddnDGmibOBLVIukhOLxAZ0pIkvC9aW5yCM4V1j3qDrWorARRQz"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87bd5adbcfdd1cc3-FRA
content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 06:49:55 GMT
location: login/?63efb97f8de8b9420301c28c451a92a7
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAjh5CrkGTKK0NF0YFq7%2B%2FLUovT0Oxe8XwcH5J7qSRgNZKs4RYKacR7P2pdc3T3BNSmIApBu1HRxVAcsTpd3AV%2FpKor13R8A4zg26EAVUJV%2FYGUCL%2By1K%2FBnZMtaSvfJ6CG7MCMb7LrH"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 jquery.min.js Show response
klarna-zahlung2024.app/ing_de/bower_components/jquery/dist/ 85 KB
31 KB 148ms
147ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/ing_de/bower_components/jquery/dist/jquery.min.js
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 05 Jun 2017 03:55:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15283-5512e77ee3a80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ImIP9Vi2YyR0OUZFWRqFa%2F1VCh7AxDqgu91a5I529oUy0A4r%2Fwjs2tc%2FVRV6WYldLajmLHg%2BI35VZSUFCaLmAqsAY2x7DZGh4b6jHnb0Pn6%2BLQaoy6RjAf2NJbEqR5SSzRshgFJpU0hF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bd5adce9421cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ua-parser.min.js Show response
klarna-zahlung2024.app/ing_de/bower_components/ua-parser-js/dist/ 17 KB
7 KB 96ms
95ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/ing_de/bower_components/ua-parser-js/dist/ua-parser.min.js
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2017 08:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4298-55b5527f0e600-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvHHlXFPbNctPJz%2BL7vKoImeuX0jc00iQV%2F2X1pF2ozLlpNR74WAviE5aZsFGJ6C6xrJT4gUKOxAwcREuLUP33mNacwbbhHX%2B6gI5yuRBZbE7t6dDBop%2FU4irmW00GPASllvSVRL2Wzv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bd5adce9461cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 font-awesome.min.css
klarna-zahlung2024.app/ing_de/bower_components/font-awesome/css/ 30 KB
7 KB 205ms
204ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/ing_de/bower_components/font-awesome/css/font-awesome.min.css
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 09 Apr 2017 04:29:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7918-54cb44da47100-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mIwe3aLj6BRz7IQYsnoZ%2FxIvu%2FgY2KQclE8O47HEFKdd7b7qS9rGlM%2Bzj9RT0pDGeS8C32PJZaRXmnxu%2FkvjZ3bbgIubuWfJyvJVyg4zttYglBYwB5tmK%2BPbCRMaa8KDx1OVcxc4NjgY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bd5adce9471cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 core_form.js Show response
klarna-zahlung2024.app/ing_de/core/form/ 17 KB
5 KB 99ms
97ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/ing_de/core/form/core_form.js
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07f96e82a2c4e6511ca5b851714850cc698b3e43a978efa16d646a6180ea502e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Sep 2023 10:56:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4533-604865e827280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VRlqnCyXZoxejfX61FiWWkGNuqA%2Buguyrzd1U16beEFxrIsW2HBtwXA1HZIOeKN0uQBGXrfcU%2BCCf24w8QWiXU2iEAlPBhs6HsAkm0Mhk22cUm%2FTSV45iY5%2FcxL4GmnbujEILdq%2FCNxE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bd5adce9491cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 core_token.js Show response
klarna-zahlung2024.app/ing_de/core/token/ 11 KB
2 KB 206ms
205ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/ing_de/core/token/core_token.js
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e4db3b6b29c51abc6fc9b0e912b2b9776d36a18ba28e2a19b9ec277d2c676f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Sep 2023 10:57:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2aea-60486606aba80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mf2vFs%2FUfGJtZdEGnQ77sBwIIdoy7oiUHnsnTQ4AbxuxZP1go2nwroAhq%2FCoinx7Rm%2Bt6e0sZcZ3yy1xusHNpzJ%2BhNazcuOL8Rt1SC6UOMrPRLuVRCJC3YVZlBn%2FVWh2BS4e3lyGXFHQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bd5adce94a1cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 core_form.css
klarna-zahlung2024.app/ing_de/core/form/ 3 KB
1 KB 94ms
93ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/ing_de/core/form/core_form.css
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1780e1dd7d40617aa6e101b01a74452c0efad8a64c71685b97839a7a40b2e7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 12 Feb 2020 14:02:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"abe-59e616b135a40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qm%2F%2FsbML5fXYG%2BvtGjAQdskoHiaI0UAHysFW5CGvt47kGpWZnALdYoZCLWI%2FdIzi%2Fu6L1Fx1pJTVv5m3Qq9NcDCXwhb7e%2Fzo1iR8qXA%2F1CD2ECnevWst91QIKYAI397S9AExtci5ZSdI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bd5adce94b1cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 css.css
klarna-zahlung2024.app/ing_de/login/form/ 170 B
575 B 98ms
96ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/ing_de/login/form/css.css
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdcbed16c6d4e1f9eec441b2b6300e0e0df3c6bcd060bbc1042aff007aa1fd16

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 12 Feb 2020 10:30:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"aa-59e5e76838b00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nvl7O%2F8z%2BrhdREJlQNy8HDEyQNAP5iNQvGPDb9Svf5oaEXJplSxMlmDz%2FJrkhVZXvZdAR8WsJT18yGZceaZFU6Ami6DCuglpGPF2Axs9C%2FwoGN%2BRGtkiMjgTHX7yyQcVF5gqP%2ByAS0nb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87bd5adce94c1cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bundle.ibbr.css
cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/ 1 MB
114 KB 268ms
55ms Stylesheet
text/css 2a02:26f0:3500:892::18de
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css

Requested by

Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:892::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0e998713074144887a342f25b4d4b4739ddb8bbc2502e2ed710e8c527b9eb465

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy: default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31622400; includeSubDomains; preload
date: Mon, 29 Apr 2024 06:49:56 GMT
akamai-cache-status: Hit from child
content-length: 116011
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Jul 2022 06:24:22 GMT
etag: "62cfb696-1c52b"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: max-age=48295
x-ing-response-id: b8c97d5f-9381-4f98-a175-9af5c9b16cb0
expires: Mon, 29 Apr 2024 20:14:51 GMT

GET
H3 200 email-decode.min.js Show response
klarna-zahlung2024.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 62ms
61ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klarna-zahlung2024.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6622d9ef-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sFRPJYtDQhPidxo2uNHbWPw%2BKgD%2F1h3ZZOKKak7ZbYLChMwaxk1urTulVkLXVjNI9g6ujQPtm2eM%2F4DSBnL43XU80yPzJdb5i9MR6YEXGia6VavcSv2yqjLwQIWPyBhOpaydr%2BUL4Wn2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 87bd5adce94d1cc3-FRA
expires: Wed, 01 May 2024 06:49:55 GMT

GET
H3 200 form.js Show response
klarna-zahlung2024.app/ing_de/login/form/ 3 KB
1 KB 96ms
95ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/ing_de/login/form/form.js?v=662f4313ded85
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 06 Dec 2019 19:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"bf7-5990db53f4380-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60CtqeRAA1hxXhEnXym1QFxTujxupucvgT%2FQG1oaQ%2BNn%2FarKJddr761v%2BIO1MniRAs1qn4E4M4s4jln0PQWU2o7Z7sftYowogyIyOYGsF4v8GjRUmxIUn2LMzEDbgEnubT%2FkAoiwYy55"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bd5adce94f1cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 token.js Show response
klarna-zahlung2024.app/ing_de/login/token/ 1 KB
1020 B 206ms
206ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/ing_de/login/token/token.js?v=662f4313ded86
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76be7e43c2d0433197244f7eab5a9e3e359bfc3d8bd66bb8717effa5c686fa72

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 17:41:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5a7-5e2d601956540-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvZ2tuakyyJrLUXaDeNZhr5AMvk6011%2BtiByht8P6L9CYcb09kkMdsQF4xGfQHAzNlxusRvytS5cTsg6G4Tklby%2BXSP0qdTBiBorspIUFoU1%2FP6vDJeeF%2FMBJF%2Boyb2e03U%2FwDs1OBaX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87bd5adce9501cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ING_Deutschland_NoClaim.svg
cdn.ing.de/ing-feat-uilib-de/6.5.45/images/ 16 KB
6 KB 47ms
46ms Image
image/svg+xml 2a02:26f0:3500:892::18de
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ing.de/ing-feat-uilib-de/6.5.45/images/ING_Deutschland_NoClaim.svg

Requested by

Host: cdn.ing.de
URL: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:892::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy: default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31622400; includeSubDomains; preload
date: Mon, 29 Apr 2024 06:49:56 GMT
akamai-cache-status: Hit from child
content-length: 5166
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Jul 2022 06:24:22 GMT
etag: "62cfb696-142e"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: max-age=54206
x-ing-response-id: d3f8ea69-9f55-47aa-833d-98782852ea76
expires: Mon, 29 Apr 2024 21:53:22 GMT

GET
H2 200 INGMeWeb-Bold.woff2
cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/ 30 KB
30 KB 266ms
141ms Font
font/woff2 2a02:26f0:3500:892::18de
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/INGMeWeb-Bold.woff2

Requested by

Host: cdn.ing.de
URL: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:892::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://.ing.de https://.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
Origin: https://klarna-zahlung2024.app
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy: default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://*.ing.de https://*.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31622400; includeSubDomains; preload
date: Mon, 29 Apr 2024 06:49:56 GMT
akamai-cache-status: RefreshHit from child, Miss from parent
content-length: 30436
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Jul 2022 06:24:22 GMT
etag: "62cfb696-76e4"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: max-age=120858
x-ing-response-id: 5e440162a661755e93bb977529fbb79d
expires: Tue, 30 Apr 2024 16:24:14 GMT

GET
H2 200 INGMeWeb-Regular.woff2
cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/ 29 KB
30 KB 179ms
54ms Font
font/woff2 2a02:26f0:3500:892::18de
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/INGMeWeb-Regular.woff2

Requested by

Host: cdn.ing.de
URL: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:892::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://.ing.de https://.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
Origin: https://klarna-zahlung2024.app
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy: default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://*.ing.de https://*.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31622400; includeSubDomains; preload
date: Mon, 29 Apr 2024 06:49:56 GMT
akamai-cache-status: Hit from child
content-length: 29588
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Jul 2022 06:24:22 GMT
etag: "62cfb696-7394"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: max-age=54105
x-ing-response-id: d7b1010dd7cf97266b7fe455947a5ee4
expires: Mon, 29 Apr 2024 21:51:41 GMT

GET
H2 200 icons.woff
cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/ 32 KB
32 KB 231ms
106ms Font
font/woff 2a02:26f0:3500:892::18de
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/webfonts/icons.woff

Requested by

Host: cdn.ing.de
URL: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:892::18de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

305948d72ce8577a386f77079dacdb6841f18668f64cc7865a196a0624e5b5a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://.ing.de https://.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.ing.de/ing-feat-uilib-de/6.5.45/stylesheets/bundle.ibbr.css
Origin: https://klarna-zahlung2024.app
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy: default-src 'self'; prefetch-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' https://*.ing.de https://*.ing.com; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; connect-src 'self' api.cdn.ing.com; style-src 'self' 'unsafe-inline' data:; img-src https: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31622400; includeSubDomains; preload
date: Mon, 29 Apr 2024 06:49:56 GMT
akamai-cache-status: RefreshHit from child, RefreshHit from parent
content-length: 32210
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Jul 2022 06:24:22 GMT
etag: "62cfb696-7dd2"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: max-age=120850
x-ing-response-id: 434d5df1e616773161febffea9f8e0b0
expires: Tue, 30 Apr 2024 16:24:06 GMT

GET
H3 200 logo.svg
klarna-zahlung2024.app/ing_de/ 16 KB
6 KB 961ms
961ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://klarna-zahlung2024.app/ing_de/logo.svg
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 21:37:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3f1d-5ec0af104b940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5Gq%2BNx8b%2FBG2UAyGU00ok7ejinUftZfM4BsEM7zPmB5bTImqKMtWIOPkdFBR2LKCX206PvMBQRPPjFE2UFDfjvKlp4YEfCT9utRkMHvx3txPbgnjeQimtheHRjbNKRBmIvoPQ%2BUv52S"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 87bd5adf9c1c1cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ajax_loader.gif
klarna-zahlung2024.app/ing_de/ 108 KB
109 KB 647ms
647ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://klarna-zahlung2024.app/ing_de/ajax_loader.gif
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c26b8cb61b3181277f756e4960fa073cc2c2c7c0e43dbbcd0a805a6657308ff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:57 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 21:53:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1b1eb-5ec0b2b8cdac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oizEqnRWJmPz7n17y7yJeD%2FylJOMEnkMSHh%2F57Eil3K6ptPZDHxBN28RU6h17vy4HMH%2BosLibZu7Ji8hsp%2F1eO2PeCRiD%2FMGcL6%2Bj3xPXDeZqliXW%2FrhXZFZxeSB8ZNNImuPi%2Bd12ls9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87bd5adf9c1e1cc3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 111083

GET
H3 200 gate.php Show response
klarna-zahlung2024.app/DE-Panel/ 57 B
447 B 102ms
102ms XHR
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/DE-Panel/gate.php?pl=token&link=ING_DE&bid=.623759a809526ae653235ef6091a3948&callback=jQuery32109762667647613412_1714373396167&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714373396168
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/bower_components/jquery/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c9f6d198dca52d0425d5d43d5ad4c55da01f08df3f990df92108cd0ca38f168

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JH6FsKCcQvBfdYbLjzPKQ4RanCpml9hMH7igUeAOXg%2BPyTvleyATSVzPx5Y56pCbiqLX8MUQQc464i%2Bf3bKTy5xZv1WCWEN7K8W711OxYwTANKXuXsegFOPMVY5foKZd8dH1ioCmrDEk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 87bd5adf9c221cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
klarna-zahlung2024.app/DE-Panel/ 57 B
449 B 73ms
73ms XHR
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klarna-zahlung2024.app/DE-Panel/gate.php?pl=token&link=ING_DE&bid=.623759a809526ae653235ef6091a3948&callback=jQuery32109762667647613412_1714373396169&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1714373396170
Requested by: Host: klarna-zahlung2024.app
URL: https://klarna-zahlung2024.app/ing_de/bower_components/jquery/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09ca0f4a1014e87861ec7f29ce6729d04846ec779afbdfdd68a1650c53115f18

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://klarna-zahlung2024.app/ing_de/.623759a809526ae653235ef6091a3948/login/?63efb97f8de8b9420301c28c451a92a7
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 29 Apr 2024 06:49:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DL%2B9EXqhcm9H0LXtcfVjXJAxTdxWzxxd1Q8nKf%2BrFZQY%2FA1RJqxM3tRVczqRRnDKvyGhUXiKLC9JmgsM0C%2F18mqDW0VaPtl57oigxN2TU7rFqLsKxybTDwRFYR1EbkxBSKkBEPwdkf0E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 87bd5adf9c231cc3-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200 icon-32x32-ver-9B816EA373494944936A5AA7362D69B3.png
access.ing.de/delogin/w/static/resource/ 4 KB
6 KB 1251ms
91ms Other
image/png 185.142.178.10
ING-DIBA-AG-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://access.ing.de/delogin/w/static/resource/icon-32x32-ver-9B816EA373494944936A5AA7362D69B3.png

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

185.142.178.10 Frankfurt am Main, Germany, ASN48545 (ING-DIBA-AG-AS, DE),

Reverse DNS

Software

Resource Hash

bf92257e20912281d6c3d1709ce097d3583a4c8ce406795997225e7fdbf7b840

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.ing.de 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://.ing.de; object-src 'none'; base-uri 'self'; connect-src 'self' https://.ing.de https://.usercentrics.eu; font-src 'self' https://.ing.de; frame-src 'self' https://.ing.de; img-src 'self' data: https://.ing.de https://.usercentrics.eu; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'self' https://.ing.de; frame-ancestors 'self' https://.ing.de https://*.ing.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 29 Apr 2024 06:49:58 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' https://*.ing.de 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://*.ing.de; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.ing.de https://*.usercentrics.eu; font-src 'self' https://*.ing.de; frame-src 'self' https://*.ing.de; img-src 'self' data: https://*.ing.de https://*.usercentrics.eu; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'self' https://*.ing.de; frame-ancestors 'self' https://*.ing.de https://*.ing.com;
Age: 351747
Content-Disposition: inline
Connection: Keep-Alive
Content-Length: 4454
X-XSS-Protection: 1; mode=block
Pragma: cache
Cross-Origin-Embedder-Policy-Report-Only: require-corp
Accept-Range: bytes
Last-Modified: Fri, 05 Apr 2024 07:28:02 GMT
Cross-Origin-Opener-Policy: same-origin
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=60
Expires: Fri, 25 Apr 2025 05:07:32 GMT

GET
H/1.1 200 icon-16x16-ver-34F56DF9647FC5EF3BBEFA31470B5827.png
access.ing.de/delogin/w/static/resource/ 2 KB
3 KB 44ms
44ms Other
image/png 185.142.178.10
ING-DIBA-AG-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://access.ing.de/delogin/w/static/resource/icon-16x16-ver-34F56DF9647FC5EF3BBEFA31470B5827.png

Protocol

HTTP/1.1

Security

TLS 1.3, , CHACHA20_POLY1305

Server

185.142.178.10 Frankfurt am Main, Germany, ASN48545 (ING-DIBA-AG-AS, DE),

Reverse DNS

Software

Resource Hash

1f188ffd3aa59bd0c27f1aaed73783064c52b8327809f8b1eb9c3454d51c46a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.ing.de 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://.ing.de; object-src 'none'; base-uri 'self'; connect-src 'self' https://.ing.de https://.usercentrics.eu; font-src 'self' https://.ing.de; frame-src 'self' https://.ing.de; img-src 'self' data: https://.ing.de https://.usercentrics.eu; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'self' https://.ing.de; frame-ancestors 'self' https://.ing.de https://*.ing.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://klarna-zahlung2024.app/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 29 Apr 2024 06:49:58 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' https://*.ing.de 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://*.ing.de; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.ing.de https://*.usercentrics.eu; font-src 'self' https://*.ing.de; frame-src 'self' https://*.ing.de; img-src 'self' data: https://*.ing.de https://*.usercentrics.eu; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'self' https://*.ing.de; frame-ancestors 'self' https://*.ing.de https://*.ing.com;
Age: 138253
Content-Disposition: inline
Connection: Keep-Alive
Content-Length: 1877
X-XSS-Protection: 1; mode=block
Pragma: cache
Cross-Origin-Embedder-Policy-Report-Only: require-corp
Accept-Range: bytes
Last-Modified: Fri, 05 Apr 2024 07:28:02 GMT
Cross-Origin-Opener-Policy: same-origin
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=60
Expires: Sun, 27 Apr 2025 16:25:46 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			klarna-zahlung2024.app/ing_de	1969-12-31 23:59:59	Name: real Value: OK
			klarna-zahlung2024.app/	1970-01-20 20:56:05	Name: bid Value: .623759a809526ae653235ef6091a3948

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

access.ing.de
cdn.ing.de
klarna-zahlung2024.app
185.142.178.10
188.114.97.3
2a02:26f0:3500:892::18de
07f96e82a2c4e6511ca5b851714850cc698b3e43a978efa16d646a6180ea502e
09ca0f4a1014e87861ec7f29ce6729d04846ec779afbdfdd68a1650c53115f18
0d1780e1dd7d40617aa6e101b01a74452c0efad8a64c71685b97839a7a40b2e7
0e998713074144887a342f25b4d4b4739ddb8bbc2502e2ed710e8c527b9eb465
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
1c9f6d198dca52d0425d5d43d5ad4c55da01f08df3f990df92108cd0ca38f168
1f188ffd3aa59bd0c27f1aaed73783064c52b8327809f8b1eb9c3454d51c46a9
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
283a1b224b74acc7396212b11bf200dd03787cb699b4465e6146c85a11a9eb9f
305948d72ce8577a386f77079dacdb6841f18668f64cc7865a196a0624e5b5a8
3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e
46e4db3b6b29c51abc6fc9b0e912b2b9776d36a18ba28e2a19b9ec277d2c676f
76be7e43c2d0433197244f7eab5a9e3e359bfc3d8bd66bb8717effa5c686fa72
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f
9a214e9df938fbc09d96e47ae4dbe031d7a581647a87c38ec371bc2a2d4dc7cf
9c26b8cb61b3181277f756e4960fa073cc2c2c7c0e43dbbcd0a805a6657308ff
bdcbed16c6d4e1f9eec441b2b6300e0e0df3c6bcd060bbc1042aff007aa1fd16
bf92257e20912281d6c3d1709ce097d3583a4c8ce406795997225e7fdbf7b840
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155

klarna-zahlung2024.app Open in urlscan Pro 188.114.97.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

400 kBTransfer

1498 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

42 JavaScript Global Variables

2 Cookies

Indicators

klarna-zahlung2024.app Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

400 kB
Transfer

1498 kB
Size

2
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!