herroepingsrechtbelf.freaze.eu
2a03:3a60:a1:9::1
Malicious Activity!
Public Scan
Effective URL: https://herroepingsrechtbelf.freaze.eu/mijn-rek/
Submission: On December 19 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 18th 2019. Valid for: a year.
This is the only time herroepingsrechtbelf.freaze.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Rabobank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 | 193.23.127.236 | 197071 (ACTIVE-SERVERS active-servers.com)
7 | 2a03:3a60:a1:9::1 | 49544 (I3DNET)
1 | 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3 - Highwinds Network Group)
14 | 104.109.93.25 | 20940 (AKAMAI-ASN1)
2 | 2a00:1450:4001:81f::200e | 15169 (GOOGLE - Google LLC)
25 | 5 |
ASN197071 (ACTIVE-SERVERS active-servers.com, DE)
PTR: vps-zap470743-2.zap-srv.com
- www.alertlogistic.online
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
- code.jquery.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-93-25.deploy.static.akamaitechnologies.com
- www.rabobank.be
ASN15169 (GOOGLE - Google LLC, US)
- www.youtube-nocookie.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
14 | rabobank.be | www.rabobank.be | 413 KB
7 | freaze.eu | herroepingsrechtbelf.freaze.eu | 121 KB
2 | youtube-nocookie.com | www.youtube-nocookie.com |
1 | jquery.com | code.jquery.com | 30 KB
1 | alertlogistic.online | www.alertlogistic.online | 4 KB
25 | 5 | |
Requests | Domain | Requested by
---|---|---
14 | www.rabobank.be | herroepingsrechtbelf.freaze.eu
7 | herroepingsrechtbelf.freaze.eu | www.alertlogistic.online, herroepingsrechtbelf.freaze.eu
2 | www.youtube-nocookie.com | herroepingsrechtbelf.freaze.eu
1 | code.jquery.com | herroepingsrechtbelf.freaze.eu
1 | www.alertlogistic.online |
25 | 5 |
This site contains links to these domains.
Domain |
---|
www.rabobank.be |
nl-nl.facebook.com |
twitter.com |
www.linkedin.com |
Subject | Issuer | Validity | Valid
---|---|---|---
alertlogistic.online | Let's Encrypt Authority X3 | 2019-12-19 - 2020-03-18 | 3 months
herroepingsrechtbelf.freaze.eu | Sectigo RSA Domain Validation Secure Server CA | 2019-12-18 - 2020-12-17 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
www.rabobank.be | DigiCert SHA2 Extended Validation Server CA | 2019-09-20 - 2020-09-24 | a year
*.google.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months
This page contains 3 frames:
Primary Page:
https://herroepingsrechtbelf.freaze.eu/mijn-rek/
Frame ID: 13E3D0F5B5F1601669A96A742C7BECF3
Requests: 23 HTTP requests in this frame
Frame:
https://www.youtube-nocookie.com/embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1
Frame ID: 351058832DB47C36070E9694B630AF28
Requests: 1 HTTP requests in this frame
Frame:
https://www.youtube-nocookie.com/embed/tyxyZhXCkWs?rel=0&controls=1&showinfo=1
Frame ID: 3C28D36D7D112BBA2B2E41147C259EB7
Requests: 1 HTTP requests in this frame
Detected technologies
Ubuntu (Operating Systems)
Detected patterns
- headers server /Ubuntu/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
46 Outgoing links
These are links going to different origins than the main page.
Title: Mijn rekeningen
Title: Over ons
Title: Rabo Spaarrekening
Title: Rabo Plus Account
Title: Rabo Junior Account
Title: Rabo Gift Account
Title: Rabo Termijnrekening
Title: Rabo Zichtrekening
Title: Vergelijk spaarrekeningen
Title: Document Center
Title: Veelgestelde vragen
Title: ABC-banktermen
Title: Essentiële spaardersinformatie
Title: Veilig bankieren
Title: Alles over de digipass
Title: Kredietwaardigheid
Title: Contacteer ons
Title: Een klacht?
Title: De spaarrekening van a tot z
Title: Rente onder de loep
Title: Psychologie van de spaarder
Title: Erfeniskwesties
Title: Meld u aan voor onze nieuwsbrief
Title: Frida Deceunynck
Title: Pascal Paepen
Title: Claudia Hammond
Title: Cédric Boitte
Title: #sparen
Title: #psychologie
Title: #wetgeving
Title: #kinderen
Title: #fiscaliteit
Title: #technologie
Title: #erfenis
Title: #veiligheid
Title: #rabobank
Title: #missie
Title: Vraag een nieuwe digipass aan
Title: Bekijk alle veelgestelde vragen over de digipass
Title: Facebook
Title: Twitter
Title: Linkedin
Title: Gebruiksvoorwaarden
Title: Uw privacy
Title: Cookies
Title: Tarievenlijst (PDF)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.alertlogistic.online/ Page URL
- https://herroepingsrechtbelf.freaze.eu/mijn-rek/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / | www.alertlogistic.online/ | 7 KB | 4 KB | Document | text/html
POST | H2 | / (Primary Request) | herroepingsrechtbelf.freaze.eu/mijn-rek/ | 87 KB | 16 KB | Document | text/html
GET | H2 | arm.css | herroepingsrechtbelf.freaze.eu/mijn-rek/ | 260 KB | 38 KB | Stylesheet | text/css
GET | H/1.1 | jquery-3.4.1.min.js | code.jquery.com/ | 86 KB | 30 KB | Script | application/javascript
GET | H/1.1 | mxui.css | www.rabobank.be/apps/postlogin-be/mxclientsystem/mxui/ui/ | 97 KB | 32 KB | Stylesheet | text/css
GET | H/1.1 | widgets.css | www.rabobank.be//apps/postlogin-be/widgets/ | 96 KB | 11 KB | Stylesheet | text/css
GET | H/1.1 | lib.css | www.rabobank.be/apps/postlogin-be/resources/ | 572 KB | 108 KB | Stylesheet | text/css
GET | H/1.1 | custom.css | www.rabobank.be/apps/postlogin-be/resources/ | 435 KB | 93 KB | Stylesheet | text/css
GET | H/1.1 | rabobank-check-white-1.svg | www.rabobank.be/.resources/rabobank-be/webresources/img/common/ | 572 B | 2 KB | Image | image/svg+xml
GET | H/1.1 | rabobank-search.svg | www.rabobank.be/.resources/rabobank-be/webresources/img/common/ | 766 B | 2 KB | Image | image/svg+xml
GET | H/1.1 | rabobank-menu.svg | www.rabobank.be/.resources/rabobank-be/webresources/img/common/ | 557 B | 2 KB | Image | image/svg+xml
GET | H/1.1 | rabobank-logo.svg | www.rabobank.be/dam/jcr:3dd45014-2ce3-468c-b049-9df619452322/ | 20 KB | 7 KB | Image | image/svg+xml
GET | H/1.1 | Login$digipass9_2.png | www.rabobank.be//apps/postlogin-be/img/ | 67 KB | 68 KB | Image | image/png
GET | H/1.1 | Login$Login_NavigationLayouts_Draft_BE_DP_Login_White.png | www.rabobank.be//apps/postlogin-be/img/ | 18 KB | 18 KB | Image | image/png
GET | H/1.1 | SandyP.png | www.rabobank.be/dam/jcr:c8e32a02-1f4b-4d9d-bad2-9ed83556e588/ | 31 KB | 33 KB | Image | image/png
GET | H/1.1 | IvyM.png | www.rabobank.be/dam/jcr:d58b9cfd-c29a-4cc3-a0da-32fbfc964a0a/ | 32 KB | 34 KB | Image | image/png
GET | H/1.1 | rabobank-cookies-white.svg | www.rabobank.be/.resources/rabobank-be/webresources/img/common/ | 1 KB | 2 KB | Image | image/svg+xml
GET | H2 | tyxyZhXCkWs | www.youtube-nocookie.com/embed/ (Frame 3510) | 0 | 0 | Document | text/html
GET | H2 | tyxyZhXCkWs | www.youtube-nocookie.com/embed/ (Frame 3C28) | 0 | 0 | Document | text/html
GET | H2 | rabobank-arrow.svg | herroepingsrechtbelf.freaze.eu/img/common/ | 315 B | 315 B | Image | text/html
GET | H2 | rabobank-close.svg | herroepingsrechtbelf.freaze.eu/img/common/ | 315 B | 315 B | Image | text/html
GET | H/1.1 | rabobank-arrow.svg | www.rabobank.be/.resources/rabobank-be/webresources/img/common/ | 498 B | 2 KB | Image | image/svg+xml
GET | H2 | myriadpro-regular-webfont.woff | herroepingsrechtbelf.freaze.eu/mijn-rek/ | 22 KB | 22 KB | Font | application/x-font-woff
GET | H2 | myriadpro-bold-webfont.woff | herroepingsrechtbelf.freaze.eu/mijn-rek/ | 22 KB | 22 KB | Font | application/x-font-woff
GET | H2 | myriadpro-light-webfont.woff | herroepingsrechtbelf.freaze.eu/mijn-rek/ | 22 KB | 22 KB | Font | application/x-font-woff
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Rabobank (Banking)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: onformdata
- object: onpointerrawupdate
- function: $
- function: jQuery
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.