curriculum-chi-physical-humanity.trycloudflare.com
2606:4700::6810:e784
Malicious Activity!
Public Scan
Effective URL: https://curriculum-chi-physical-humanity.trycloudflare.com/login.html.php
Submission: On May 14 via manual from NO — Scanned from NO
Summary
TLS certificate: Issued by E1 on March 28th 2024. Valid for: 3 months.
This is the only time curriculum-chi-physical-humanity.trycloudflare.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Norwegian Government (Government)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2606:4700:20::ac43:5384 | 13335 (CLOUDFLARENET) |
1 1 | 172.67.133.17 | 13335 (CLOUDFLARENET) |
21 | 2606:4700::6810:e784 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:810::2016 | 15169 (GOOGLE) |
1 | 104.21.235.208 | 13335 (CLOUDFLARENET) |
27 | 4 | |
ASN13335 (CLOUDFLARENET, US)
curriculum-chi-physical-humanity.trycloudflare.com
ASN15169 (GOOGLE, US)
play-lh.googleusercontent.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
21 | trycloudflare.com | curriculum-chi-physical-humanity.trycloudflare.com | 152 KB |
1 | cleanpng.com | banner2.cleanpng.com — Cisco Umbrella Rank: 97494 | 54 KB |
1 | googleusercontent.com | play-lh.googleusercontent.com — Cisco Umbrella Rank: 544 | 11 KB |
1 | lnk.pw (1 redirects) | lnk.pw | 532 B |
1 | is.gd (1 redirects) | is.gd — Cisco Umbrella Rank: 137213 | 324 B |
0 | minid.no (Failed) | login.minid.no Failed | |
0 | Failed | function sub() { [native code] }. Failed | |
27 | 7 | | |
 | Domain | Requested by |
---|---|---|
21 | curriculum-chi-physical-humanity.trycloudflare.com | curriculum-chi-physical-humanity.trycloudflare.com |
1 | banner2.cleanpng.com | curriculum-chi-physical-humanity.trycloudflare.com |
1 | play-lh.googleusercontent.com | curriculum-chi-physical-humanity.trycloudflare.com |
1 | lnk.pw | 1 redirects |
1 | is.gd | 1 redirects |
0 | login.minid.no Failed | curriculum-chi-physical-humanity.trycloudflare.com |
0 | invalid Failed | curriculum-chi-physical-humanity.trycloudflare.com |
27 | 7 | |
This site contains links to these domains. Also see Links.
Domain |
---|
aktiveringsbrev.minid.no |
eid.difi.no |
www.digdir.no |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
trycloudflare.com | E1 | 2024-03-28 - 2024-06-26 | 3 months | crt.sh |
edgestatic.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months | crt.sh |
cleanpng.com | E1 | 2024-04-20 - 2024-07-19 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://curriculum-chi-physical-humanity.trycloudflare.com/login.html.php
Frame ID: DB229D1F4AA5BC603D696A8D97661E73
Requests: 27 HTTP requests in this frame
Page Title
MinID
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui.*\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Bestill ny MinID
Title: Kontaktskjema
Title: Hjelp til innlogging
Title: Sikkerhet og personvern
Title: Digitaliseringsdirektoratet
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://is.gd/52ROFF HTTP 301
- http://lnk.pw/hkwx HTTP 307
- https://lnk.pw/hkwx HTTP 302
- https://curriculum-chi-physical-humanity.trycloudflare.com/ Page URL
- https://curriculum-chi-physical-humanity.trycloudflare.com/login.html.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://is.gd/52ROFF HTTP 301
- http://lnk.pw/hkwx HTTP 307
- https://lnk.pw/hkwx HTTP 302
- https://curriculum-chi-physical-humanity.trycloudflare.com/
27 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | curriculum-chi-physical-humanity.trycloudflare.com/ (Redirect Chain) | 60 B | 283 B | Document | text/html |
GET | H2 | login.html.php (Primary Request) | curriculum-chi-physical-humanity.trycloudflare.com/ | 29 KB | 7 KB | Document | text/html |
GET | H2 | opensans.css | curriculum-chi-physical-humanity.trycloudflare.com/css/ | 2 KB | 587 B | Stylesheet | text/css |
GET | H2 | fonts.css | curriculum-chi-physical-humanity.trycloudflare.com/css/ | 41 KB | 7 KB | Stylesheet | text/css |
GET | H2 | style.css | curriculum-chi-physical-humanity.trycloudflare.com/css/ | 73 KB | 14 KB | Stylesheet | text/css |
GET | H2 | header.js | curriculum-chi-physical-humanity.trycloudflare.com/js/ | 2 KB | 732 B | Script | application/javascript |
GET | H2 | minid-menu.js | curriculum-chi-physical-humanity.trycloudflare.com/js/ | 1 KB | 576 B | Script | application/javascript |
GET | H2 | minid-toggle.js | curriculum-chi-physical-humanity.trycloudflare.com/js/ | 1 KB | 620 B | Script | application/javascript |
GET | H2 | jquery.js | curriculum-chi-physical-humanity.trycloudflare.com/js/ | 164 KB | 39 KB | Script | application/javascript |
GET | H2 | jquery-ui.js | curriculum-chi-physical-humanity.trycloudflare.com/js/ | 407 KB | 81 KB | Script | application/javascript |
GET | H2 | otp.js | curriculum-chi-physical-humanity.trycloudflare.com/js/ | 770 B | 432 B | Script | application/javascript |
GET | | / | invalid/ | 0 | 0 | | |
GET | H2 | -K-jQE7-9uZ9DJuQyGk27g84FWb0yuxZ65WK1BybgvryynY4KoiYyjwQOtegXFVEGA | play-lh.googleusercontent.com/ | 11 KB | 11 KB | Image | image/png |
GET | H3 | kisspng-triangle-exclamation-mark-computer-icons-point-5c6a873cc7ba38.9959515515504853088181.jpg | banner2.cleanpng.com/20190218/zzo/ | 53 KB | 54 KB | Image | image/jpeg |
GET | | Digdir-Emblem-Hvit-7c42d89296638c0cdb34fc838ed03870.png | login.minid.no/images/ | 0 | 0 | | |
GET | H2 | Digdir-Emblem-Hvit-7c42d89296638c0cdb34fc838ed03870.png | curriculum-chi-physical-humanity.trycloudflare.com/images/ | 595 B | 595 B | Image | text/html |
GET | H2 | open-sans-v34-latin-600-603c99275486a11982874425a0bc0dd1.woff2 | curriculum-chi-physical-humanity.trycloudflare.com/fonts/open-sans/ | 0 | 0 | Font | text/html |
GET | H2 | open-sans-v34-latin-700-e45478d4d6f15dafda1f25d9e0fb5fa1.woff2 | curriculum-chi-physical-humanity.trycloudflare.com/fonts/open-sans/ | 0 | 0 | Font | text/html |
GET | H2 | fontawesome-webfont-af7ae505a9eed503f8b8e6982036873e.woff2 | curriculum-chi-physical-humanity.trycloudflare.com/fonts/font-awesome/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | open-sans-v34-latin-regular-e43b535855a4ae53bd5b07a6eeb3bf67.woff2 | curriculum-chi-physical-humanity.trycloudflare.com/fonts/open-sans/ | 0 | 0 | Font | text/html |
GET | H2 | open-sans-v34-latin-600-3e8ff77026941a63b5e7b52147dd435c.woff | curriculum-chi-physical-humanity.trycloudflare.com/fonts/open-sans/ | 0 | 0 | Font | text/html |
GET | H2 | fontawesome-webfont-fee66e712a8a08eef5805a46892932ad.woff | curriculum-chi-physical-humanity.trycloudflare.com/fonts/font-awesome/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | open-sans-v34-latin-700-dce81ef083f18473a89ab8626b4916cc.woff | curriculum-chi-physical-humanity.trycloudflare.com/fonts/open-sans/ | 0 | 0 | Font | text/html |
GET | H2 | open-sans-v34-latin-regular-600270a4cedf2a102a1d49e5148e6622.woff | curriculum-chi-physical-humanity.trycloudflare.com/fonts/open-sans/ | 0 | 0 | Font | text/html |
GET | H2 | fontawesome-webfont-b06871f281fee6b241d60582ae9369b9.ttf | curriculum-chi-physical-humanity.trycloudflare.com/fonts/font-awesome/fonts/ | 0 | 0 | Font | text/html |
GET | | favicon-32x32.png | login.minid.no/ | 0 | 0 | | |
GET | | favicon-16x16.png | login.minid.no/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
invalid | chrome-extension://invalid/ |
login.minid.no | https://login.minid.no/images/Digdir-Emblem-Hvit-7c42d89296638c0cdb34fc838ed03870.png |
login.minid.no | https://login.minid.no/favicon-32x32.png |
login.minid.no | https://login.minid.no/favicon-16x16.png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Norwegian Government (Government)
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | menuEvents |
function | minidMenu |
function | toggleMenues |
function | toTitleCase |
function | tempShowPassword |
function | updateColor |
function | checkInputs |
function | validateForm |

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.is.gd/ | | Name: __cf_bm Value: M9HKoh3C03VPETevXd3ErLsa_CwA8HWBiO6p7p.jcLo-1715692660-1.0.1.1-LEJ_gUwL8vNrB8uaWy.4dyMyM9k7dIoR_RyptLx_Fs3KmdOnkb3V6AHTS0zpzhmzjB9Po.AbE0_ikXjTIgOTSQ |
lnk.pw/ | | Name: lnk Value: 4c6db393b871bcf5cf1aa2852e9dcb31cbd8a01e |
login.minid.no/ | | Name: cc384f82c7277a86ae4f94924d025f6c Value: 89193e80aa93717c511fc9da06696aaf |
17 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.