ScanMalware.com

Security Scan Report: banking.ing.de

Redirected to:
https://access.ing.de/delogin/w/login?t=https://access.ing.de/delogin/...
Submitted: Apr 15, 2026, 4:50:31 AMCompleted: Apr 15, 2026, 4:51:45 AMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 1 HTTP transaction. The main domain is access.ing.de.

Submitted URL: https://banking.ing.de

Effective URL: https://access.ing.de/delogin/w/login?t=https://access.ing.de/delogin/oauth/authorize?response_type%3Dcode%26client_id%3Dibbr%26scope%3Dbanking%2520postlogin%2520tpa%2520openid%26state%3DquKrbyjkZ9TZ1Dnjk1NDEM-nMaBQYUEZ862Fxwb3t1M%253D%26redirect_uri%3Dhttps://banking.ing.de/app/login/oauth2/code/ibbr%26nonce%3D0OWDRXf7ojKMX4jpKmXeMwBN4pcM7fTLsstvxOb_tpg%26claims%3D%257B%2522id_token%2522:%257B%2522customer_number%2522:%257B%2522essential%2522:true%257D,%2522partner_number%2522:%257B%2522essential%2522:true%257D,%2522last_login%2522:%257B%2522essential%2522:true%257D,%2522authentication_means%2522:%257B%2522essential%2522:true%257D,%2520%2522username%2522:%257B%2522essential%2522:true%257D%257D%257D%26tpaAuthenticationContext%3D%257B%2522clientId%2522:%252292f67a01-bb1b-4951-9c22-8cdbee0addef%2522,%2522requiredLevelOfAssurance%2522:2,%2522identifyeeType%2522:%2522customer%2522,%2522scopes%2522:%255B%2522personal_data%2522%255D%257D%26xc&login_hintRedirected

The Cisco Umbrella rank of the primary domain is #122,208 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

The site mimics ING banking login, uses a low‑rank, newly created subdomain with multiple redirects and a credential form, indicating a high‑risk phishing attempt.

Risk Factors
Low Cisco Umbrella ranking for a brand‑impersonating site
Unknown domain age with credential collection
Excessive redirects (6) and domain change
Potential brand impersonation (ING) on a non‑official subdomain
Credential form without clear legitimate backing
Domain age information unavailable

Details

Page Title

Login - ING

Scan Type

public

Language

🇩🇪

German

(80% confidence)

Category

finance banking

(72%)

Domain Information

Within the German country-code top-level domain (.de), 'banking.ing.de' is registered with subdomain 'banking'. The registrable portion 'ing' spans 3 characters holding 1 vowel versus 2 consonants. Tokenizing the label suggests one word: ing. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://banking.ing.de

Page Load Overview

2.35s
Total Load Time
61
HTTP Requests
11
Domains
1.1 MB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:de
Text Length:2,448 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking72% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
72%
technology software
57%
government public service
49%
cryptocurrency blockchain
36%
e-commerce shopping
33%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
21185.142.178.1Germany
AS48545ING-DiBa AG
2023.45.105.49Frankfurt am Main, Hesse, Germany
AS16625Akamai Technologies, Inc.
20185.142.178.10Germany
AS48545ING-DiBa AG
613--

Detected Technologies3

PasswordField
100%
HSTS
40%
jQuery
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14BD2F72F5CF41437C71382D8D37EA70962D2C01BC9C75C48F2EEAD8487E6EA6458BA19

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:DAbFVFMATNKKVkxoJmpEK6HopRuLxPzqj94QP7PHPil2ow:S1TNKpoJ0EK6Ifmx7qj94QDPHql8

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:30735:GKVSAhIkDHd4BOwkmNgKCkILEAWBCqiJAJGAAQRKsBghQAURCFyAAGB0FdVJGYeQACAQA1CAMBUqpUAnTBDu9AiJQSShFxSE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7f0f7f7f1f0f4f4f
Perceptual Hash:91c7383fcee1ccc0
Difference Hash:d8d8f0d0f0149890
Wavelet Hash:3e0e0e3e0f0f0f0f
Color Hash:#a32dd2

Other Hashes

Crop Resistant:d8d8f0d0f0149890

Scan History

Scan history not available

Unable to load historical scan data