freaktemplate.com Open in urlscan Pro
2606:4700:3037::681b:b515 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://themehndidesigns.com/red-spk/
Effective URL:
https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
Submission: On May 01 via automatic, source phishtank (May 1st 2020, 5:58:46 am UTC)

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3037::681b:b515, located in United States and belongs to CLOUDFLARENET, US. The main domain is freaktemplate.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 4th 2020. Valid for: 7 months.

This is the only time freaktemplate.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::6812:3a1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 13	2606:4700:303... 2606:4700:3037::681b:b515	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	3

1 2606:4700:3033::6812:3a1a (United States)

ASN13335 (CLOUDFLARENET, US)

themehndidesigns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::681b:b515 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

freaktemplate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	freaktemplate.com 2 redirects freaktemplate.com	2 MB
1	themehndidesigns.com themehndidesigns.com	522 B
12	2

	Domain	Requested by
13	freaktemplate.com	2 redirects freaktemplate.com
1	themehndidesigns.com
12	2

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-06` - `2020-09-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
Frame ID: 63B79E5C45E242C8AA502460D6708D5A
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://themehndidesigns.com/red-spk/ Page URL
https://freaktemplate.com/www/ HTTP 302
https://freaktemplate.com/www/20cf99874/index.php?valid=true&id=44460910 HTTP 302
https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

2096 kB
Transfer

2300 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://themehndidesigns.com/red-spk/ Page URL
https://freaktemplate.com/www/ HTTP 302
https://freaktemplate.com/www/20cf99874/index.php?valid=true&id=44460910 HTTP 302
https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
themehndidesigns.com/red-spk/ 75 B
522 B 94ms
39ms Document
text/html 2606:4700:3033::6812:3a1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themehndidesigns.com/red-spk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6812:3a1a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: themehndidesigns.com
:scheme: https
:path: /red-spk/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 01 May 2020 05:58:13 GMT
content-type: text/html
set-cookie: __cfduid=d4f733a6a20468a374e08af6af8fb7b581588312693; expires=Sun, 31-May-20 05:58:13 GMT; path=/; domain=.themehndidesigns.com; HttpOnly; SameSite=Lax
last-modified: Thu, 23 Apr 2020 13:12:23 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-cache-status: EXPIRED
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58c744feea3cdff3-FRA
content-encoding: br
cf-request-id: 02706973540000dff316834200000001

GET
H2

200

Primary Request 1d73310.php Show response
freaktemplate.com/www/20cf99874/
Redirect Chain

https://freaktemplate.com/www/
https://freaktemplate.com/www/20cf99874/index.php?valid=true&id=44460910
https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700

6 KB
2 KB

414ms
413ms

Document
text/html

2606:4700:3037::681b:b515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:b515 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0086f2f993b6d8cb47290ffbdc297467257d9cc81584cf1c896b7cdd821b9895

Request headers

:method: GET
:authority: freaktemplate.com
:scheme: https
:path: /www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://themehndidesigns.com/red-spk/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d7af3ed4267a61b6764aa95603a05c9781588312693; PHPSESSID=beaecf612fee20f9f3a4e5a693a7af4a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://themehndidesigns.com/red-spk/

Response headers

status: 200
date: Fri, 01 May 2020 05:58:15 GMT
content-type: text/html; charset-UTF-8;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58c74506e833323c-FRA
content-encoding: br
cf-request-id: 02706978500000323caeb13200000001

Redirect headers

status: 302
date: Fri, 01 May 2020 05:58:14 GMT
content-type: text/html; charset-UTF-8;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: ./1d73310.php?web=succes&local=_&id=74370700
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58c745043b23323c-FRA
cf-request-id: 02706976a40000323caeafc200000001

GET
H2 200 style.css
freaktemplate.com/www/20cf99874/layout/css/ 209 KB
67 KB 512ms
512ms Stylesheet
text/css 2606:4700:3037::681b:b515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freaktemplate.com/www/20cf99874/layout/css/style.css

Requested by

Host: freaktemplate.com
URL: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:b515 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2337e5546f3945d85d62a15ada1de6eaef6668ea3ba0a42c124f3f59dd3a288

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 05:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 04 Dec 2019 13:26:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=31536000
cf-ray: 58c745099db0323c-FRA
cf-request-id: 02706979fa0000323caeb31200000001
x-robots-tag: noindex, nofollow
expires: Sat, 01 May 2021 05:58:15 GMT

GET
H2 200 lgw.png
freaktemplate.com/www/20cf99874/layout/img/ 2 KB
2 KB 1246ms
1245ms Image
image/png 2606:4700:3037::681b:b515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freaktemplate.com/www/20cf99874/layout/img/lgw.png

Requested by

Host: freaktemplate.com
URL: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:b515 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fdb36759029a338f31da9bc8ead03400234fa53c2d2ce5f0734699580b1e1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 05:58:16 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 58c745099db5323c-FRA
status: 200
content-length: 1733
cf-request-id: 02706979fc0000323caeb32200000001
last-modified: Sun, 01 Dec 2019 23:38:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Sun, 31 May 2020 05:58:16 GMT

GET
H2 200 rech.png
freaktemplate.com/www/20cf99874/layout/img/ 672 B
812 B 421ms
420ms Image
image/png 2606:4700:3037::681b:b515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freaktemplate.com/www/20cf99874/layout/img/rech.png

Requested by

Host: freaktemplate.com
URL: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:b515 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a1de372177863217e08742d15bdc6f7f15f4519518db3440ecbd8c9620db2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 05:58:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 58c745099db7323c-FRA
status: 200
content-length: 672
cf-request-id: 02706979fd0000323caeb34200000001
last-modified: Tue, 03 Dec 2019 08:48:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Sun, 31 May 2020 05:58:15 GMT

GET
H2 200 dar.png
freaktemplate.com/www/20cf99874/layout/img/ 431 B
542 B 425ms
424ms Image
image/png 2606:4700:3037::681b:b515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freaktemplate.com/www/20cf99874/layout/img/dar.png

Requested by

Host: freaktemplate.com
URL: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:b515 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78a92ec10aa64f764b562d22d3124e1b26f5c03b7988c83f8d4dc98828044a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 05:58:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 58c745099db9323c-FRA
status: 200
content-length: 431
cf-request-id: 02706979fd0000323caeb35200000001
last-modified: Tue, 03 Dec 2019 01:30:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Sun, 31 May 2020 05:58:15 GMT

GET
H2 200 pub01.png
freaktemplate.com/www/20cf99874/layout/img/ 601 KB
602 KB 2240ms
2239ms Image
image/png 2606:4700:3037::681b:b515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freaktemplate.com/www/20cf99874/layout/img/pub01.png

Requested by

Host: freaktemplate.com
URL: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:b515 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c1ef999e8a998f5b22bde15808fba2ef9c15221dfa85725c8665c8c522bb05a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 05:58:17 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 58c745099dbb323c-FRA
status: 200
content-length: 615539
cf-request-id: 02706979fd0000323caeb36200000001
last-modified: Wed, 04 Dec 2019 06:01:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Sun, 31 May 2020 05:58:17 GMT

GET
H2 200 pub01m.png
freaktemplate.com/www/20cf99874/layout/img/ 739 KB
740 KB 621ms
619ms Image
image/png 2606:4700:3037::681b:b515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freaktemplate.com/www/20cf99874/layout/img/pub01m.png

Requested by

Host: freaktemplate.com
URL: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:b515 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbbd25cb38999798dbd1a6f9f884ead47c7936831e303d77e632409d07a3f35b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 05:58:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 58c745099dbd323c-FRA
status: 200
content-length: 756608
cf-request-id: 02706979fd0000323caeb37200000001
last-modified: Tue, 03 Dec 2019 02:12:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Sun, 31 May 2020 05:58:15 GMT

GET
H2 200 pub02.png
freaktemplate.com/www/20cf99874/layout/img/ 246 KB
247 KB 14ms
13ms Image
image/png 2606:4700:3037::681b:b515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freaktemplate.com/www/20cf99874/layout/img/pub02.png

Requested by

Host: freaktemplate.com
URL: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:b515 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6ae4f8e99bdb5b40148dbba1d1af164cd455c742d4a02783bb0b3e0a9c3b751

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 05:58:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 665019
cf-ray: 58c745099dbf323c-FRA
status: 200
content-length: 252377
cf-request-id: 02706979fd0000323caeb38200000001
last-modified: Tue, 03 Dec 2019 03:12:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Sat, 23 May 2020 13:14:36 GMT

GET
H2 200 pub03.png
freaktemplate.com/www/20cf99874/layout/img/ 158 KB
158 KB 862ms
861ms Image
image/png 2606:4700:3037::681b:b515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freaktemplate.com/www/20cf99874/layout/img/pub03.png

Requested by

Host: freaktemplate.com
URL: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:b515 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159bd2fca763dec90ffeba1130bf18a23a234976f5e23d9fce06d7d7d6ddc487

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 05:58:16 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 58c745099dc1323c-FRA
status: 200
content-length: 161798
cf-request-id: 02706979fd0000323caeb39200000001
last-modified: Tue, 03 Dec 2019 05:42:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Sun, 31 May 2020 05:58:15 GMT

GET
H2 200 pub04.png
freaktemplate.com/www/20cf99874/layout/img/ 226 KB
226 KB 606ms
605ms Image
image/png 2606:4700:3037::681b:b515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freaktemplate.com/www/20cf99874/layout/img/pub04.png

Requested by

Host: freaktemplate.com
URL: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:b515 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0d52bfb9c18ac3c35dad846b9f5e39b47e30dec4e6fbb163f06c0c30426b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 05:58:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 58c745099dc3323c-FRA
status: 200
content-length: 230977
cf-request-id: 02706979fd0000323caeb3a200000001
last-modified: Tue, 03 Dec 2019 05:45:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Sun, 31 May 2020 05:58:15 GMT

GET
H2 200 style.js Show response
freaktemplate.com/www/20cf99874/layout/js/ 96 KB
33 KB 525ms
523ms Script
application/javascript 2606:4700:3037::681b:b515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freaktemplate.com/www/20cf99874/layout/js/style.js

Requested by

Host: freaktemplate.com
URL: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:b515 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b56dd0f5e443608e46b42696f86fe376190c1688f2586cf5345b0b43f2973a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freaktemplate.com/www/20cf99874/1d73310.php?web=succes&local=_&id=74370700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 05:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 12 Nov 2018 14:23:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000
cf-ray: 58c745099db6323c-FRA
cf-request-id: 02706979fc0000323caeb33200000001
x-robots-tag: noindex, nofollow
expires: Sat, 01 May 2021 05:58:15 GMT

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dd216ad75ced5dd6acfb48d1ae11ba66fb373c26da7fc5efbdad9fd1c14f6e3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://freaktemplate.com

Response headers

Content-Type: application/font-woff2;charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			freaktemplate.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: beaecf612fee20f9f3a4e5a693a7af4a
			.freaktemplate.com/	1970-01-19 09:55:04	Name: __cfduid Value: d7af3ed4267a61b6764aa95603a05c9781588312693

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

freaktemplate.com
themehndidesigns.com
2606:4700:3033::6812:3a1a
2606:4700:3037::681b:b515
0086f2f993b6d8cb47290ffbdc297467257d9cc81584cf1c896b7cdd821b9895
159bd2fca763dec90ffeba1130bf18a23a234976f5e23d9fce06d7d7d6ddc487
3fdb36759029a338f31da9bc8ead03400234fa53c2d2ce5f0734699580b1e1c1
4c1ef999e8a998f5b22bde15808fba2ef9c15221dfa85725c8665c8c522bb05a
5dd216ad75ced5dd6acfb48d1ae11ba66fb373c26da7fc5efbdad9fd1c14f6e3
78a92ec10aa64f764b562d22d3124e1b26f5c03b7988c83f8d4dc98828044a2d
a6ae4f8e99bdb5b40148dbba1d1af164cd455c742d4a02783bb0b3e0a9c3b751
b56dd0f5e443608e46b42696f86fe376190c1688f2586cf5345b0b43f2973a5c
bbbd25cb38999798dbd1a6f9f884ead47c7936831e303d77e632409d07a3f35b
c2337e5546f3945d85d62a15ada1de6eaef6668ea3ba0a42c124f3f59dd3a288
c2a1de372177863217e08742d15bdc6f7f15f4519518db3440ecbd8c9620db2e
de0d52bfb9c18ac3c35dad846b9f5e39b47e30dec4e6fbb163f06c0c30426b5a

freaktemplate.com Open in urlscan Pro 2606:4700:3037::681b:b515 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

2096 kBTransfer

2300 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

freaktemplate.com Open in urlscan Pro
2606:4700:3037::681b:b515 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

2096 kB
Transfer

2300 kB
Size

2
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!