noodza.eu
142.4.5.71
Malicious Activity!
Public Scan
Submission: On September 02 via automatic, source openphish
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 1st 2021. Valid for: 3 months.
This is the only time noodza.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ABN Amro (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
14 | 142.4.5.71 | 46606 (UNIFIEDLAYER-AS-1) |
1 | 2a02:6ea0:c700::1 | 60068 (CDN77 ^_^) |
26 | 3 | |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 142-4-5-71.unifiedlayer.com
noodza.eu
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | noodza.eu | noodza.eu | 1 MB |
1 | smartlook.com | rec.smartlook.com | 9 KB |
0 | smartsupp.com Failed | s18.smartsupp.com Failed | |
0 | abnamro.nl Failed | www.abnamro.nl Failed | |
26 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
14 | noodza.eu | noodza.eu |
1 | rec.smartlook.com | noodza.eu |
0 | s18.smartsupp.com Failed | noodza.eu |
0 | www.abnamro.nl Failed | noodza.eu |
26 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
noodza.eu | cPanel, Inc. Certification Authority | 2021-09-01 - 2021-11-30 | 3 months | crt.sh |
1610534878.rsc.cdn77.org | R3 | 2021-06-29 - 2021-09-27 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://noodza.eu/abnamro000317/Files/gegevens.php
Frame ID: 56F7C65F1B49F675F7857B64F17F1B6E
Requests: 20 HTTP requests in this frame
Frame:
https://noodza.eu/abnamro000317/Files/gevs_files/saved_resource.html
Frame ID: C99A229FAF87BA1D53C4B9F3D120E8D0
Requests: 10 HTTP requests in this frame
Page Title
Persoonlijke gegevens - ABN AMRO
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method / Protocol | Resource | Path | Size / x-fer | Type | MIME-Type |
---|---|---|---|---|---|
GET H/1.1 | gegevens.php (Primary Request) | noodza.eu/abnamro000317/Files/ | 58 KB / 58 KB | Document | text/html |
GET H/1.1 | all.css | noodza.eu/abnamro000317/Files/gevs_files/ | 9 KB / 9 KB | Stylesheet | text/css |
GET H/1.1 | core.css | noodza.eu/abnamro000317/Files/gevs_files/ | 328 KB / 328 KB | Stylesheet | text/css |
GET H/1.1 | recorder.js.download | noodza.eu/abnamro000317/Files/gevs_files/ | 31 KB / 31 KB | Script | application/javascript |
GET H/1.1 | loader.js.download | noodza.eu/abnamro000317/Files/gevs_files/ | 7 KB / 7 KB | Script | application/javascript |
GET H/1.1 | shazam.js.download | noodza.eu/abnamro000317/Files/gevs_files/ | 12 KB / 12 KB | Script | application/javascript |
GET H/1.1 | bundle-20181029125841.js.download | noodza.eu/abnamro000317/Files/gevs_files/ | 190 KB / 191 KB | Script | application/javascript |
GET H/1.1 | betalen_-_betaalpaslimiet.jpg | noodza.eu/abnamro000317/Files/gevs_files/ | 30 KB / 30 KB | Image | image/jpeg |
GET H/1.1 | icons.css | noodza.eu/abnamro000317/Files/gevs_files/ | 0 / 0 | Stylesheet | text/html |
GET H/1.1 | saved_resource.html | noodza.eu/abnamro000317/Files/gevs_files/ Frame C99A | 13 KB / 13 KB | Document | text/html |
GET DATA | truncated | / | 2 KB / 0 | Image | image/svg+xml |
GET DATA | truncated | / | 160 B / 0 | Image | image/svg+xml |
GET DATA | truncated | / | 414 B / 0 | Image | image/svg+xml |
GET DATA | truncated | / | 243 B / 0 | Image | image/svg+xml |
GET | roboto-regular.woff2 | www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/ | 0 / 0 | | |
GET | roboto-bold.woff2 | www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/ | 0 / 0 | | |
GET | roboto-condensed-regular.woff2 | www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/ | 0 / 0 | | |
GET | roboto-regular.woff | www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/ | 0 / 0 | | |
GET | roboto-bold.woff | www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/ | 0 / 0 | | |
GET | roboto-condensed-regular.woff | www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/ | 0 / 0 | | |
GET H/1.1 | smartchat-2.2.7.min.css | noodza.eu/abnamro000317/Files/gevs_files/ Frame C99A | 21 KB / 21 KB | Stylesheet | text/css |
GET H/1.1 | smartchat-2.2.7.min.js.download | noodza.eu/abnamro000317/Files/gevs_files/ Frame C99A | 443 KB / 443 KB | Script | application/javascript |
GET H/1.1 | bootstrap.php | noodza.eu/abnamro000317/Files/gevs_files/ Frame C99A | 3 KB / 4 KB | Script | text/html |
GET H/1.1 | avatar.png | noodza.eu/abnamro000317/Files/gevs_files/ Frame C99A | 2 KB / 2 KB | Image | image/png |
GET H2 | recorder.js | rec.smartlook.com/ | 28 KB / 9 KB | Script | application/javascript |
GET | info | s18.smartsupp.com/chat/ Frame C99A | 0 / 0 | | |
GET | info | s18.smartsupp.com/chat/ Frame C99A | 0 / 0 | | |
GET | info | s18.smartsupp.com/chat/ Frame C99A | 0 / 0 | | |
GET | info | s18.smartsupp.com/chat/ Frame C99A | 0 / 0 | | |
GET | info | s18.smartsupp.com/chat/ Frame C99A | 0 / 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
www.abnamro.nl | https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/roboto-regular.woff2 |
www.abnamro.nl | https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/roboto-bold.woff2 |
www.abnamro.nl | https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/roboto-condensed-regular.woff2 |
www.abnamro.nl | https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/roboto-regular.woff |
www.abnamro.nl | https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/roboto-bold.woff |
www.abnamro.nl | https://www.abnamro.nl/nl/widgetdelivery/unauthenticated/oca/style/fonts/roboto-condensed-regular.woff |
s18.smartsupp.com | https://s18.smartsupp.com/chat/info |
s18.smartsupp.com | https://s18.smartsupp.com/chat/info |
s18.smartsupp.com | https://s18.smartsupp.com/chat/info |
s18.smartsupp.com | https://s18.smartsupp.com/chat/info |
s18.smartsupp.com | https://s18.smartsupp.com/chat/info |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ABN Amro (Banking)
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | onbeforexrselect |
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | cookieStore |
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
boolean | originAgentCluster |
object | trustedTypes |
boolean | crossOriginIsolated |
object | Smartsupp |
function | smartsupp |
function | $smartsupp |
boolean | SMARTSUPP_LOADED |
function | vervaningenscripts |
function | stopReturn |
function | ChangeFocus |
function | bmEan |
function | bmEan1 |
function | bman1 |
function | inwork |
function | keyCodes |
function | kan |
function | isNumber |
function | checksub |
function | checkpin |
function | checklist |
object | _smartsupp |
function | setImmediate |
function | clearImmediate |
function | smartlook |
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
noodza.eu/ | | Name: ssupp.vid Value: 3yGs6czVFkJAIWkCojC9mprATCPiuMa3BJ54081502092021 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.