privatesection.freaze.eu
Open in
urlscan Pro
2a03:3a60:a1:6::1
Malicious Activity!
Public Scan
Submitted URL: http://juliupdate.freaze.eu/viaanen.php
Effective URL: http://privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/index.php
Submission: On July 25 via automatic, source openphish
Effective URL: http://privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/index.php
Submission: On July 25 via automatic, source openphish
Summary
This website contacted 2 IPs
in 1 countries
across 1 domains to perform 29 HTTP transactions.
The main IP is 2a03:3a60:a1:6::1, located in
Netherlands and
belongs to I3DNET, NL.
The main domain is privatesection.freaze.eu.
This is the only time privatesection.freaze.eu was scanned on urlscan.io!
This is the only time privatesection.freaze.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ING Group (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 2a03:3a60:a1:... 2a03:3a60:a1:7::1 | 49544 (I3DNET) (I3DNET) | |
| 28 | 2a03:3a60:a1:... 2a03:3a60:a1:6::1 | 49544 (I3DNET) (I3DNET) | |
| 29 | 2 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 29 |
freaze.eu
juliupdate.freaze.eu privatesection.freaze.eu |
76 KB |
| 29 | 1 |
| Domain | Requested by | |
|---|---|---|
| 28 | privatesection.freaze.eu |
juliupdate.freaze.eu
privatesection.freaze.eu |
| 1 | juliupdate.freaze.eu | |
| 29 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.i.nl |
| bankieren.mijn.i.nl |
| www.nvb.nl |
| www.veiligbankieren.nl |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| 1970-01-01 - 1970-01-01 |
a few seconds | crt.sh |
This page contains 4 frames:
Primary Page:
http://privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/index.php
Frame ID: 51FE7CF977CC525FFA80DB8A5456B28D
Requests: 26 HTTP requests in this frame
Frame:
http://privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/pkmslogout.htm
Frame ID: 79B0BD0125B9061CFC3B3A039297897E
Requests: 1 HTTP requests in this frame
Frame:
http://privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/pkmslogout_002.htm
Frame ID: 699FDFFBE81510D0F6DB775C2AB7D9CA
Requests: 1 HTTP requests in this frame
Frame:
http://privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/preloader.htm
Frame ID: AA2DD08352C7BBECC4236F4751852A1C
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://juliupdate.freaze.eu/viaanen.php Page URL
- http://privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/index.php Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
URL: http://www.i.nl/particulier/klantenservice/index.aspx
Title: Klantenservice
Title: Klantenservice
Search URL Search Domain Scan URL
URL: http://www.i.nl/particulier/klantenservice/contact/index.aspx
Title: Contact
Title: Contact
Search URL Search Domain Scan URL
URL: https://www.i.nl/internetbankieren/RequestAuthorisationLostCodesServlet
Title: Nieuw wachtwoord en/of gebruikersnaam aanvragen
Title: Nieuw wachtwoord en/of gebruikersnaam aanvragen
Search URL Search Domain Scan URL
URL: https://www.i.nl/de-ing/veilig-bankieren/5Bs-van-veilig-bankieren/bescherm-uw-codes/hoe-sterk-is-uw-wachtwoord.html
Title: Tips voor het gebruik van een sterk wachtwoord
Title: Tips voor het gebruik van een sterk wachtwoord
Search URL Search Domain Scan URL
URL: https://bankieren.mijn.i.nl/particulier/overzichten/afschriften-en-jaaroverzichten/index
Title: Uw Jaaroverzicht 2018 staat klaar
Title: Uw Jaaroverzicht 2018 staat klaar
Search URL Search Domain Scan URL
URL: https://www.i.nl/particulier/nieuws-en-kennis/acties/vernieuwde-website/index.html
Title: We vernieuwen de website
Title: We vernieuwen de website
Search URL Search Domain Scan URL
URL: http://www.i.nl/particulier/internetbankieren/internetbankieren/mijn-ing/index.aspx?bid=0000_Rest_Internetbankieren_Informatie_MING_Meer_info_link_inlogscherm_link
Title: Mijn ING
Title: Mijn ING
Search URL Search Domain Scan URL
URL: http://www.i.nl/particulier/mobiel/index.aspx?bid=0000_Verkoop_Rest_Mass_mob_MobielBankieren_Meer-info-link-inlogscherm_Link
Title: Mobiel Bankieren App
Title: Mobiel Bankieren App
Search URL Search Domain Scan URL
URL: http://www.i.nl/de-ing/veilig-bankieren/index.aspx?bid=0000_Rest_Internetbankieren_Veilig_bankieren_Meer_info_link_inlogscherm_link
Title: Veilig bankieren
Title: Veilig bankieren
Search URL Search Domain Scan URL
URL: http://www.i.nl/particulier/klantenservice/veelgestelde-vragen/internetbankieren/index.aspx
Title: Kunnen wij u helpen?
Title: Kunnen wij u helpen?
Search URL Search Domain Scan URL
URL: http://www.i.nl/particulier/klantenservice/veelgestelde-vragen/internetbankieren/inloggen-activeren/inlogcodes/index.aspx?faquri=tcm:7-137427
Title: Hoe wijzig ik mijn inlogcodes voor Mijn ING?
Title: Hoe wijzig ik mijn inlogcodes voor Mijn ING?
Search URL Search Domain Scan URL
URL: http://www.i.nl/particulier/klantenservice/veelgestelde-vragen/internetbankieren/tan-code/algemeen/index.aspx?faquri=tcm:7-118293
Title: Hoe ontvang ik TAN-codes voor Mijn ING?
Title: Hoe ontvang ik TAN-codes voor Mijn ING?
Search URL Search Domain Scan URL
URL: http://www.i.nl/particulier/klantenservice/veelgestelde-vragen/internetbankieren/tan-code/algemeen/index.aspx?faquri=tcm:7-18681
Title: Hoe kan ik TAN-codes ontvangen op mijn mobiel?
Title: Hoe kan ik TAN-codes ontvangen op mijn mobiel?
Search URL Search Domain Scan URL
URL: https://www.i.nl/de-ing/veilig-bankieren/veilig-internetbankieren/ing-trusteer-rapport/index.aspx
Title: Zo werkt MIJN ING (video)?
Title: Zo werkt MIJN ING (video)?
Search URL Search Domain Scan URL
URL: http://www.nvb.nl/
Title:
Title:
Search URL Search Domain Scan URL
URL: http://www.veiligbankieren.nl/nl/
Title:
Title:
Search URL Search Domain Scan URL
URL: http://www.i.nl/de-ing/privacy-statement/index.aspx
Title: Privacy Statement
Title: Privacy Statement
Search URL Search Domain Scan URL
URL: http://www.i.nl/de-ing/disclaimer/index.aspx
Title: Disclaimer
Title: Disclaimer
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://juliupdate.freaze.eu/viaanen.php Page URL
- http://privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/index.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
viaanen.php
juliupdate.freaze.eu/ |
7 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
Primary Request
index.php
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/ |
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ses_style_v6.css
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
36 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
start.js
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.js
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
92 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ses_functions_v5.js
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ses_loginvalidation.js
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
1 KB 851 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fp_AA.js
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
p3_002.htm
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
p3.htm
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SES_logo_ing.gif
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NVB.jpg
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
veilig_bankieren.jpg
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pixel.gif
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
42 B 310 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s_code_sol.js
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fp_AA.js
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
p3_002.htm
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
p3.htm
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pkmslogout.htm
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ Frame 79B0 |
386 B 588 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pkmslogout_002.htm
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ Frame 699F |
390 B 592 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SES_icon_sprite_v2.png
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SOL_tabs_sprite_v2.png
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SOL_gradients_sprite.png
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/images/ |
200 B 469 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SES_slot.jpg
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/images/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SOL_buttons_sprite.png
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SOL_workbench1280_sprite.png
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SOL_1px_transparent.gif
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/images/ |
42 B 310 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s_code_sol.js
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
preloader.htm
privatesection.freaze.eu/cyu7tk65sjrytuyi7r68kfyigu/internetbankieren_bestanden/ Frame AA2D |
385 B 587 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ING Group (Banking)19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask string| Tooltiptitle1 string| Tooltiptext1 string| Errortext1 undefined| ltIE9 function| $ function| jQuery function| show_layover function| show_tooltip function| hide_layover function| hide_tooltip function| hide_notificationballoon function| load_data function| createHiddenField function| pCallback string| cmsBmPath string| BmResolution0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
juliupdate.freaze.eu
privatesection.freaze.eu
2a03:3a60:a1:6::1
2a03:3a60:a1:7::1
016e848bcc4293d235dce98a2be45e8298405c6c1a81cf7ca874e5cc975fe15c
16d954e2f3eb65a5c73b0774e6a4071bb29905e35e07b9b4b48bfe85029807b2
1c4be72b6b074c6ce315b2d38e0a06caae92fb9b98cab20d65df3a33cbabb9ea
206533b611ef73c719dccaa2e3d2c1937f8a5dc9ff408b4f90ae35448dc84f1e
29b6440093f0e8c2195a81e24a84f458dc3a29cf30ab8386916229f5c1b3e2f0
35f268271119ef6574dfe2593feabe1f5f79b53011aef623f9aa0bd392a06737
4d670f5674dd4724bfa8341fcbea9924303f38183e14107c84821389f9413a23
6bde7d708981a95ba39db6872eb9aec7a118dd0027c79b59b5dee5dde51d9f10
87329058dda77832b04cfb2c30a8bfc4b3ea9a1a8a7b068e0e68ed99cb31971a
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
922208100107f17f4bcf4166f11a43b05efaafe366d1fb014dc4bfc0ccba72cd
9564a1a8a4071bfb2829fee30a051de5a1a7d644a7f38597185574b531b42664
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a63640d539352b62141d580a833ea4e6dc423b016240bb8c1381159b3dbb53e6
bbc12882e0796360256324904095ff2e9a0f745a74ab30306206d98a2af43596
ebc2bec5abaab0906634207c008b8e969341d120fade59c0c31270c776b2e062
f6d268f294dd885163c48b153736f2d33dcbacf132adf5a9abee92ddb34e5d94
f9408ea23972ed3724cc814de48d44369750c6022f204c711f9cdd4263d26856
fa4ca4ec1c62cdbb8ab1b02ffe40b1e0051786bd49c1812a21e386a828b579af