nem-log-in-skat.kommunic.com Open in urlscan Pro
::ffff:12de:fe62 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nem-log-in-skat.kommunic.com/
Effective URL:
https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html
Submission: On March 05 via manual (March 5th 2020, 9:22:53 am UTC) from DK

Summary HTTP 22 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 22 HTTP transactions. The main IP is ::ffff:12de:fe62, located in United States and belongs to . The main domain is nem-log-in-skat.kommunic.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 4th 2020. Valid for: 3 months.

This is the only time nem-log-in-skat.kommunic.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DK Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
2 16	::ffff:12de:fe62 ::ffff:12de:fe62	() ()
6	152.73.246.21 152.73.246.21	15687 (AS15687) (AS15687)
1	143.204.101.39 143.204.101.39	16509 (AMAZON-02) (AMAZON-02)
1	99.81.194.218 99.81.194.218	16509 (AMAZON-02) (AMAZON-02)
22	5

16 ::ffff:12de:fe62 (United States) 2 redirects

ASN- ()

nem-log-in-skat.kommunic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.73.246.21 (Virum, Denmark)

ASN15687 (AS15687, DK)

nemlog-in.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-39.fra50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.194.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-194-218.eu-west-1.compute.amazonaws.com

col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	kommunic.com 2 redirects nem-log-in-skat.kommunic.com	618 KB
6	nemlog-in.dk nemlog-in.dk	42 KB
1	eum-appdynamics.com col.eum-appdynamics.com	812 B
1	appdynamics.com cdn.appdynamics.com	20 KB
22	4

	Domain	Requested by
16	nem-log-in-skat.kommunic.com	2 redirects nem-log-in-skat.kommunic.com
6	nemlog-in.dk	nem-log-in-skat.kommunic.com
1	col.eum-appdynamics.com	cdn.appdynamics.com
1	cdn.appdynamics.com	nem-log-in-skat.kommunic.com
22	4

This site contains links to these domains. Also see Links.

Domain
nemlog-in.dk
digst.dk
www.nemid.nu

Subject Issuer	Validity	Valid
nem-log-in-skat.kommunic.com Let's Encrypt Authority X3	`2020-03-04` - `2020-06-02`	3 months	crt.sh
Nemlog-in.dk GlobalSign Domain Validation CA - SHA256 - G2	`2019-03-07` - `2021-03-07`	2 years	crt.sh
*.appdynamics.com DigiCert SHA2 Secure Server CA	`2019-04-15` - `2020-06-17`	a year	crt.sh
*.eum-appdynamics.com DigiCert SHA2 Secure Server CA	`2019-04-15` - `2020-06-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html
Frame ID: 27FEF4B80512263A827334563EBBE93B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://nem-log-in-skat.kommunic.com/ HTTP 302
https://nem-log-in-skat.kommunic.com/185.38.150.98/?p=index&domain= HTTP 302
https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

680 kB
Transfer

707 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://nemlog-in.dk/login.aspx/noeglekort
Title: Log på med nøglekort

Search URL Search Domain Scan URL

URL: https://nemlog-in.dk/login.aspx/noeglefil
Title: Log på med nøglefil

Search URL Search Domain Scan URL

URL: https://digst.dk/it-loesninger/nemlog-in/om-loesningen/persondata/
Title: Læs mere om behandlingen af dine personoplysninger og dine rettigheder her

Search URL Search Domain Scan URL

URL: https://www.nemid.nu/
Title: Bestil NemID

Search URL Search Domain Scan URL

URL: https://www.nemid.nu/dk-da/selvbetjening/forny_nemid/
Title: Forny NemID

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nem-log-in-skat.kommunic.com/ HTTP 302
https://nem-log-in-skat.kommunic.com/185.38.150.98/?p=index&domain= HTTP 302
https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login-skat-dk.html Show response nem-log-in-skat.kommunic.com/185.38.150.98/ Redirect Chain https://nem-log-in-skat.kommunic.com/ https://nem-log-in-skat.kommunic.com/185.38.150.98/?p=index&domain= https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html	21 KB 21 KB	271ms 270ms	Document text/html	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `a2017b5fc91dfd414bf091169f67a7343e8bc8e355266eafad33e3991d7039fa` Request headers :method GET :authority nem-log-in-skat.kommunic.com :scheme https :path /185.38.150.98/login-skat-dk.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 server nginx date Thu, 05 Mar 2020 09:22:34 GMT content-type text/html content-length 21808 last-modified Thu, 05 Mar 2020 09:22:33 GMT etag "5e60c4d9-5530" x-powered-by PleskLin accept-ranges bytes Redirect headers status 302 server nginx date Thu, 05 Mar 2020 09:22:33 GMT content-type text/html; charset=UTF-8 content-length 0 x-powered-by PHP/7.4.3 PleskLin location login-skat-dk.html
GET H2	200	nemid.css nem-log-in-skat.kommunic.com/185.38.150.98/1569240996137_data/	168 KB 169 KB	486ms 484ms	Stylesheet text/css	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/1569240996137_data/nemid.css Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `8c99f7ae0fd80b67ec93de3f7397cc41e60150460c201ebc1f18a960fd852be5` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-2a1dd" content-type text/css status 200 accept-ranges bytes content-length 172509
GET H2	200	global.css nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	21 KB 21 KB	678ms 676ms	Stylesheet text/css	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/global.css Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `2c7e8567be12695e0ed9128162a8b2c1a58571aea090b4dc4752c90d70bfa78c` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-531d" content-type text/css status 200 accept-ranges bytes content-length 21277
GET H2	200	bootstrap-theme.css nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	20 KB 20 KB	679ms 677ms	Stylesheet text/css	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/bootstrap-theme.css Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `ac55cae98c6b26a54c7ec44b53b4b1f35b609e43b0adaa17b4af9f36e4be8ae8` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-4fbd" content-type text/css status 200 accept-ranges bytes content-length 20413
GET H2	200	bootstrap.css nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	129 KB 130 KB	679ms 677ms	Stylesheet text/css	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/bootstrap.css Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `fa055f5434c3b54c88a720c18878b9c33f0428ff472b698ef26cd9d04132f906` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-205b7" content-type text/css status 200 accept-ranges bytes content-length 132535
GET H2	200	adrum-ext.js Show response nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	50 KB 50 KB	679ms 677ms	Script application/javascript	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/adrum-ext.js Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `c063cc48c10c59a43ee8f325053b7cf8041eec8704c02c2191d4d7c2be638121` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-c893" content-type application/javascript status 200 accept-ranges bytes content-length 51347
GET H2	200	jquery-1.js Show response nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	91 KB 91 KB	679ms 677ms	Script application/javascript	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/jquery-1.js Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-16b8f" content-type application/javascript status 200 accept-ranges bytes content-length 93071
GET H2	200	bootstrap.js Show response nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	31 KB 31 KB	679ms 677ms	Script application/javascript	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/bootstrap.js Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-7c4b" content-type application/javascript status 200 accept-ranges bytes content-length 31819
GET H2	200	jquery.js Show response nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	4 KB 4 KB	678ms 676ms	Script application/javascript	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/jquery.js Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-1096" content-type application/javascript status 200 accept-ranges bytes content-length 4246
GET H2	200	common.js Show response nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	557 B 505 B	677ms 676ms	Script application/javascript	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/common.js Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `a55b7075fcddd90f62a050f5c7eeca1244ddc94bb00c491b079e767bc8667dbe` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 09:22:34 GMT content-encoding gzip etag W/"22d-5a01813afe9d8-gzip" last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin vary Accept-Encoding content-type application/javascript status 200 x-accel-version 0.01 accept-ranges bytes content-length 287
GET H2	200	adrum.js Show response nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	68 KB 68 KB	677ms 675ms	Script application/javascript	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/adrum.js Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `982e3986bcc4d98f466b329d6cbb3f5f0ad6310f6493244075e0b6355f205274` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-10fd8" content-type application/javascript status 200 accept-ranges bytes content-length 69592
GET H2	200	WebResource.js Show response nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	4 KB 4 KB	677ms 676ms	Script application/javascript	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/WebResource.js Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `3e5c25bfff0d65fd2f568ee707838bd6b8b3ef481102caeca5c4449e0d2dcca9` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-1101" content-type application/javascript status 200 accept-ranges bytes content-length 4353
GET H2	200	nemlogin.png nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	5 KB 5 KB	679ms 677ms	Image image/png	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Show image Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/nemlogin.png Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `df9f7432ac851bd6cb48f3722a4637df7a018923d6188e19428d31c194937fe1` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-133e" content-type image/png status 200 accept-ranges bytes content-length 4926
GET H2	200	print.css nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/	1 KB 2 KB	150ms 149ms	Stylesheet text/css	::ffff:12de:fe62
General Check archive.org Show headers Download Go to Full URL https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/print.css Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server ::ffff:12de:fe62 , United States, ASN (), Reverse DNS Software nginx / PleskLin Resource Hash `15fb25951e5bb0c2228a95e2e6a5bb062cac5f3f421adeab8decb005208eb09c` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 09:22:35 GMT last-modified Thu, 05 Mar 2020 09:22:33 GMT server nginx x-powered-by PleskLin etag "5e60c4d9-5ca" content-type text/css status 200 accept-ranges bytes content-length 1482
GET H2	200	tabSelectedLeft.png nemlog-in.dk/resources/images/	629 B 855 B	156ms 41ms	Image image/png	152.73.246.21 AS15687
General Check archive.org Show headers Download Go to Show image Full URL https://nemlog-in.dk/resources/images/tabSelectedLeft.png Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/jquery-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 152.73.246.21 Virum, Denmark, ASN15687 (AS15687, DK), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `ceac810cb7e98a4e0acf5ca0644b882bc3a364dbfa2f76258616598ed422b3ac` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/global.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 28 Nov 2019 11:01:38 GMT server Microsoft-IIS/10.0 etag "d7205535dba5d51:0" p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" status 200 accept-ranges bytes content-type image/png content-length 629 x-ua-compatible requiresActiveX=true
GET H2	200	tabSelectedRight.png nemlog-in.dk/resources/images/	623 B 680 B	157ms 41ms	Image image/png	152.73.246.21 AS15687
General Check archive.org Show headers Download Go to Show image Full URL https://nemlog-in.dk/resources/images/tabSelectedRight.png Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/jquery-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 152.73.246.21 Virum, Denmark, ASN15687 (AS15687, DK), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `0f2a44821be6c16ff204533da3a89755bfe8b9faa7744f0fa0f98ade2708e50f` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/global.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 28 Nov 2019 11:01:38 GMT server Microsoft-IIS/10.0 etag "2485535dba5d51:0" p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" status 200 accept-ranges bytes content-type image/png content-length 623 x-ua-compatible requiresActiveX=true
GET H2	200	noeglekort.png nemlog-in.dk/resources/images/	20 KB 20 KB	177ms 61ms	Image image/png	152.73.246.21 AS15687
General Check archive.org Show headers Download Go to Show image Full URL https://nemlog-in.dk/resources/images/noeglekort.png Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/jquery-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 152.73.246.21 Virum, Denmark, ASN15687 (AS15687, DK), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `45775fb7360e57c0baa886c358def0cd3ee665250b87d25e953310bf3ce08675` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/global.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 28 Nov 2019 11:01:38 GMT server Microsoft-IIS/10.0 etag "99845435dba5d51:0" p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" status 200 accept-ranges bytes content-type image/png content-length 20767 x-ua-compatible requiresActiveX=true
GET H2	200	tabLeft.png nemlog-in.dk/resources/images/	479 B 536 B	157ms 41ms	Image image/png	152.73.246.21 AS15687
General Check archive.org Show headers Download Go to Show image Full URL https://nemlog-in.dk/resources/images/tabLeft.png Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/jquery-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 152.73.246.21 Virum, Denmark, ASN15687 (AS15687, DK), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `a18ecb8ca1faf9fcf977282cbf4646ea79e793a054d2c94e312bf9aa38176f8a` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/global.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 28 Nov 2019 11:01:38 GMT server Microsoft-IIS/10.0 etag "cbf95435dba5d51:0" p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" status 200 accept-ranges bytes content-type image/png content-length 479 x-ua-compatible requiresActiveX=true
GET H2	200	tabRight.png nemlog-in.dk/resources/images/	504 B 545 B	179ms 64ms	Image image/png	152.73.246.21 AS15687
General Check archive.org Show headers Download Go to Show image Full URL https://nemlog-in.dk/resources/images/tabRight.png Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/jquery-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 152.73.246.21 Virum, Denmark, ASN15687 (AS15687, DK), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `854b9980fb40850baa918354af20767f12d0f237350a1e0beb69f38a8fb9ac37` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/global.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 28 Nov 2019 11:01:38 GMT server Microsoft-IIS/10.0 etag "d7205535dba5d51:0" p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" status 200 accept-ranges bytes content-type image/png content-length 504 x-ua-compatible requiresActiveX=true
GET H2	200	noeglefilhvid.png nemlog-in.dk/resources/images/	19 KB 19 KB	187ms 72ms	Image image/png	152.73.246.21 AS15687
General Check archive.org Show headers Download Go to Show image Full URL https://nemlog-in.dk/resources/images/noeglefilhvid.png Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/jquery-1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 152.73.246.21 Virum, Denmark, ASN15687 (AS15687, DK), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `97a364c95a82db802d73854ca438182de729f0ce6fa831665e0c78fde7f54519` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/global.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 05 Mar 2020 09:22:34 GMT last-modified Thu, 28 Nov 2019 11:01:38 GMT server Microsoft-IIS/10.0 etag "895d5435dba5d51:0" p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" status 200 accept-ranges bytes content-type image/png content-length 19044 x-ua-compatible requiresActiveX=true
GET DATA	200 OK	truncated /	473 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ca4d0154f5653f015f37867fa51782bdca05322a4a3f757353c7491cf39da9b3` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	adrum-ext.15ad9e12c414858a5e6cfdfb1f2331b1.js Show response cdn.appdynamics.com/	50 KB 20 KB	172ms 59ms	Script application/javascript	143.204.101.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.appdynamics.com/adrum-ext.15ad9e12c414858a5e6cfdfb1f2331b1.js Requested by Host: nem-log-in-skat.kommunic.com URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/adrum.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.101.39 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-39.fra50.r.cloudfront.net Software nginx/1.10.2 / Resource Hash `c063cc48c10c59a43ee8f325053b7cf8041eec8704c02c2191d4d7c2be638121` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 11 Feb 2020 19:28:03 GMT content-encoding gzip age 1950872 x-cache Hit from cloudfront status 200 via 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront) last-modified Wed, 26 Sep 2018 23:59:21 GMT server nginx/1.10.2 etag W/"5bac1d59-c890" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=2678400, s-max-age=14400 x-amz-cf-pop FRA50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id L63uxf_heMyyrloCQawSqfhjp4t8Z2edvBImgBP5WRwwLrF4h5FVnw==
POST H/1.1	200 OK	adrum Show response col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/	0 812 B	212ms 31ms	XHR text/html	99.81.194.218 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/adrum Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum-ext.15ad9e12c414858a5e6cfdfb1f2331b1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.194.218 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-194-218.eu-west-1.compute.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html Origin https://nem-log-in-skat.kommunic.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type text/plain Response headers Pragma no-cache Date Thu, 05 Mar 2020 09:22:36 GMT Vary * Content-Type text/html Access-Control-Allow-Origin * Cache-Control private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DK Government (Government)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/adrum.js(Line 111) Message: AppDynamics EUM cloud application key missing. Please specify window['adrum-app-key']

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.appdynamics.com
col.eum-appdynamics.com
nem-log-in-skat.kommunic.com
nemlog-in.dk
143.204.101.39
152.73.246.21
99.81.194.218
::ffff:12de:fe62
0f2a44821be6c16ff204533da3a89755bfe8b9faa7744f0fa0f98ade2708e50f
15fb25951e5bb0c2228a95e2e6a5bb062cac5f3f421adeab8decb005208eb09c
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2c7e8567be12695e0ed9128162a8b2c1a58571aea090b4dc4752c90d70bfa78c
3e5c25bfff0d65fd2f568ee707838bd6b8b3ef481102caeca5c4449e0d2dcca9
45775fb7360e57c0baa886c358def0cd3ee665250b87d25e953310bf3ce08675
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e
854b9980fb40850baa918354af20767f12d0f237350a1e0beb69f38a8fb9ac37
8c99f7ae0fd80b67ec93de3f7397cc41e60150460c201ebc1f18a960fd852be5
97a364c95a82db802d73854ca438182de729f0ce6fa831665e0c78fde7f54519
982e3986bcc4d98f466b329d6cbb3f5f0ad6310f6493244075e0b6355f205274
a18ecb8ca1faf9fcf977282cbf4646ea79e793a054d2c94e312bf9aa38176f8a
a2017b5fc91dfd414bf091169f67a7343e8bc8e355266eafad33e3991d7039fa
a55b7075fcddd90f62a050f5c7eeca1244ddc94bb00c491b079e767bc8667dbe
ac55cae98c6b26a54c7ec44b53b4b1f35b609e43b0adaa17b4af9f36e4be8ae8
c063cc48c10c59a43ee8f325053b7cf8041eec8704c02c2191d4d7c2be638121
ca4d0154f5653f015f37867fa51782bdca05322a4a3f757353c7491cf39da9b3
ceac810cb7e98a4e0acf5ca0644b882bc3a364dbfa2f76258616598ed422b3ac
df9f7432ac851bd6cb48f3722a4637df7a018923d6188e19428d31c194937fe1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa055f5434c3b54c88a720c18878b9c33f0428ff472b698ef26cd9d04132f906

nem-log-in-skat.kommunic.com Open in urlscan Pro ::ffff:12de:fe62 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

5 IPs

3 Countries

680 kBTransfer

707 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

nem-log-in-skat.kommunic.com Open in urlscan Pro
::ffff:12de:fe62 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

680 kB
Transfer

707 kB
Size

0
Cookies

22 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!