krezup.com
162.215.240.160
Malicious Activity!
Public Scan
Effective URL: https://krezup.com/seb-smartid/si/sid.html?KIoYbdiw03f1lLprTUvBhuD2549q6xHMaj8AN7ZSQezGntPsFXOCycVgREWJkmzOjRhmnksl...
Submission: On March 30 via manual from LT
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on February 5th 2020. Valid for: 3 months.
This is the only time krezup.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SEB Group (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 67.199.248.10 | 396982 (GOOGLE-PRIVATE-CLOUD) |
27 | 162.215.240.160 | 394695 (PUBLIC-DOMAIN-REGISTRY) |
27 | 1 | |
ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: bh-74.webhostbox.net
krezup.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
27 | krezup.com (subdomain: krezup.com) | 246 KB |
1 | bit.ly, 1 redirects (subdomain: bit.ly) | 275 B |
27 | 2 | |
 | Domain | Requested by |
---|---|---|
27 | krezup.com | krezup.com |
1 | bit.ly | 1 redirects |
27 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.seb.ee |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sms.tvdsoftware.in | Let's Encrypt Authority X3 | 2020-02-05 - 2020-05-05 | 3 months |
This page contains 1 frames:
Primary Page:
https://krezup.com/seb-smartid/si/sid.html?KIoYbdiw03f1lLprTUvBhuD2549q6xHMaj8AN7ZSQezGntPsFXOCycVgREWJkmzOjRhmnkslb9J2dcfrAMTYx6075ILDqGN8tP1EiHyWCgaewvFSKpQX4UVZu3oB42569274052
Frame ID: 6CE3D946EFA85911305624A914E37F17
Requests: 27 HTTP requests in this frame
Detected technologies
OpenSSL (Web Server Extensions)
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Loe lisaks
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://bit.ly/3bv148a HTTP 301
  https://krezup.com/seb-smartid/?id=111 Page URL
- https://krezup.com/seb-smartid/si/sid.html?KIoYbdiw03f1lLprTUvBhuD2549q6xHMaj8AN7ZSQezGntPsFXOCycVgREWJkmzOjRhmnkslb9J2dcfrAMTYx6075ILDqGN8tP1EiHyWCgaewvFSKpQX4UVZu3oB42569274052 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://bit.ly/3bv148a HTTP 301
- https://krezup.com/seb-smartid/?id=111
27 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Redirect Chain) | krezup.com/seb-smartid/ | 262 B | 403 B | Document | text/html |
GET H2 | sid.html (Primary Request) | krezup.com/seb-smartid/si/ | 18 KB | 5 KB | Document | text/html |
GET H2 | styles.cache447729341.css | krezup.com/seb-smartid/si/ | 12 KB | 3 KB | Stylesheet | text/css |
GET H2 | fonts.cache447729341.css | krezup.com/seb-smartid/si/ | 2 KB | 392 B | Stylesheet | text/css |
GET H2 | styles_content_desktop.cache447729341.css | krezup.com/seb-smartid/si/ | 9 KB | 3 KB | Stylesheet | text/css |
GET H2 | styles_frame_wide.cache447729341.css | krezup.com/seb-smartid/si/ | 3 KB | 1 KB | Stylesheet | text/css |
GET H2 | styles_linkaccount.cache447729341.css | krezup.com/seb-smartid/si/ | 62 B | 114 B | Stylesheet | text/css |
GET H2 | styles_linkaccount_desktop.cache447729341.css | krezup.com/seb-smartid/si/ | 34 B | 86 B | Stylesheet | text/css |
GET H2 | styles_linkaccount_wide.cache447729341.css | krezup.com/seb-smartid/si/ | 34 B | 86 B | Stylesheet | text/css |
GET H2 | styles_unet.cache447729341.css | krezup.com/seb-smartid/si/ | 98 B | 161 B | Stylesheet | text/css |
GET H2 | seb_logotype_rgb.svg | krezup.com/seb-smartid/si/ | 1 KB | 1 KB | Image | image/svg+xml |
GET H2 | icon_mol.png | krezup.com/seb-smartid/si/ | 2 KB | 2 KB | Image | image/png |
GET H2 | icon_hyyumark.png | krezup.com/seb-smartid/si/ | 2 KB | 2 KB | Image | image/png |
GET H2 | styles_notsupported.cache447729341.css | krezup.com/seb-smartid/si/ | 264 B | 244 B | Stylesheet | text/css |
GET H2 | styles_frame_narrow.cache447729341.css | krezup.com/seb-smartid/si/ | 6 KB | 2 KB | Stylesheet | text/css |
GET H2 | styles_frame_narrow_extend.cache447729341.css | krezup.com/seb-smartid/si/ | 238 B | 247 B | Stylesheet | text/css |
GET H2 | styles_content_portable.cache447729341.css | krezup.com/seb-smartid/si/ | 2 KB | 899 B | Stylesheet | text/css |
GET H2 | styles_frame_medium.cache447729341.css | krezup.com/seb-smartid/si/ | 2 KB | 824 B | Stylesheet | text/css |
GET H2 | styles_print.cache447729341.css | krezup.com/seb-smartid/si/ | 3 KB | 1 KB | Stylesheet | text/css |
GET H2 | styles_linkaccount_narrow.cache447729341.css | krezup.com/seb-smartid/si/ | 34 B | 85 B | Stylesheet | text/css |
GET H2 | bg_private.png | krezup.com/seb-smartid/si/ | 81 KB | 81 KB | Image | image/png |
GET H2 | SEBSansSerif-Regular.woff | krezup.com/seb-smartid/si/ | 43 KB | 43 KB | Font | font/woff |
GET H2 | bg22b.png | krezup.com/seb-smartid/si/ | 144 B | 197 B | Image | image/png |
GET H2 | bg16.png | krezup.com/seb-smartid/si/ | 1 KB | 1 KB | Image | image/png |
GET H2 | SEBSansSerif-Bold.woff | krezup.com/seb-smartid/si/ | 43 KB | 44 KB | Font | font/woff |
GET H2 | sebicons.woff | krezup.com/seb-smartid/si/ | 8 KB | 8 KB | Font | font/woff |
GET H2 | SEBSansSerif-Medium.woff | krezup.com/seb-smartid/si/ | 43 KB | 43 KB | Font | font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: SEB Group (Banking)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bit.ly
krezup.com
162.215.240.160
67.199.248.10