nem-log-in-skat.kommunic.com
::ffff:12de:fe62
Malicious Activity!
Public Scan
Effective URL: https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html
Submission: On March 05 via manual from DK
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 4th 2020. Valid for: 3 months.
This is the only time nem-log-in-skat.kommunic.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DK Government (Government)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
16 (2 redirects) | ::ffff:12de:fe62 | () |
6 | 152.73.246.21 | 15687 (AS15687) |
1 | 143.204.101.39 | 16509 (AMAZON-02) |
1 | 99.81.194.218 | 16509 (AMAZON-02) |
22 | 5 |
143.204.101.39: ASN16509 (AMAZON-02, US), PTR: server-143-204-101-39.fra50.r.cloudfront.net, cdn.appdynamics.com
99.81.194.218: ASN16509 (AMAZON-02, US), PTR: ec2-99-81-194-218.eu-west-1.compute.amazonaws.com, col.eum-appdynamics.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 (2 redirects) | kommunic.com | nem-log-in-skat.kommunic.com | 618 KB |
6 | nemlog-in.dk | nemlog-in.dk | 42 KB |
1 | eum-appdynamics.com | col.eum-appdynamics.com | 812 B |
1 | appdynamics.com | cdn.appdynamics.com | 20 KB |
22 | 4 |
 | Domain | Requested by |
---|---|---|
16 (2 redirects) | nem-log-in-skat.kommunic.com | nem-log-in-skat.kommunic.com |
6 | nemlog-in.dk | nem-log-in-skat.kommunic.com |
1 | col.eum-appdynamics.com | cdn.appdynamics.com |
1 | cdn.appdynamics.com | nem-log-in-skat.kommunic.com |
22 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
nemlog-in.dk |
digst.dk |
www.nemid.nu |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
nem-log-in-skat.kommunic.com | Let's Encrypt Authority X3 | 2020-03-04 - 2020-06-02 | 3 months | crt.sh |
Nemlog-in.dk | GlobalSign Domain Validation CA - SHA256 - G2 | 2019-03-07 - 2021-03-07 | 2 years | crt.sh |
*.appdynamics.com | DigiCert SHA2 Secure Server CA | 2019-04-15 - 2020-06-17 | a year | crt.sh |
*.eum-appdynamics.com | DigiCert SHA2 Secure Server CA | 2019-04-15 - 2020-06-10 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html
Frame ID: 27FEF4B80512263A827334563EBBE93B
Requests: 23 HTTP requests in this frame
Page URL History
- https://nem-log-in-skat.kommunic.com/ (HTTP 302)
- https://nem-log-in-skat.kommunic.com/185.38.150.98/?p=index&domain= (HTTP 302)
- https://nem-log-in-skat.kommunic.com/185.38.150.98/login-skat-dk.html (Page URL)
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Microsoft ASP.NET (Web Frameworks)
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Log på med nøglekort (Log in with key card)
Title: Log på med nøglefil (Log in with key file)
Title: Læs mere om behandlingen af dine personoplysninger og dine rettigheder her (Read more about the processing of your personal data and your rights here)
Title: Bestil NemID (Order NemID)
Title: Forny NemID (Renew NemID)
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login-skat-dk.html (Primary Request, Redirect Chain) | nem-log-in-skat.kommunic.com/185.38.150.98/ | 21 KB | 21 KB | Document | text/html |
GET | H2 | nemid.css | nem-log-in-skat.kommunic.com/185.38.150.98/1569240996137_data/ | 168 KB | 169 KB | Stylesheet | text/css |
GET | H2 | global.css | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 21 KB | 21 KB | Stylesheet | text/css |
GET | H2 | bootstrap-theme.css | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 20 KB | 20 KB | Stylesheet | text/css |
GET | H2 | bootstrap.css | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 129 KB | 130 KB | Stylesheet | text/css |
GET | H2 | adrum-ext.js | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 50 KB | 50 KB | Script | application/javascript |
GET | H2 | jquery-1.js | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 91 KB | 91 KB | Script | application/javascript |
GET | H2 | bootstrap.js | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 31 KB | 31 KB | Script | application/javascript |
GET | H2 | jquery.js | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 4 KB | 4 KB | Script | application/javascript |
GET | H2 | common.js | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 557 B | 505 B | Script | application/javascript |
GET | H2 | adrum.js | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 68 KB | 68 KB | Script | application/javascript |
GET | H2 | WebResource.js | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 4 KB | 4 KB | Script | application/javascript |
GET | H2 | nemlogin.png | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | print.css | nem-log-in-skat.kommunic.com/185.38.150.98/login-skat_files/ | 1 KB | 2 KB | Stylesheet | text/css |
GET | H2 | tabSelectedLeft.png | nemlog-in.dk/resources/images/ | 629 B | 855 B | Image | image/png |
GET | H2 | tabSelectedRight.png | nemlog-in.dk/resources/images/ | 623 B | 680 B | Image | image/png |
GET | H2 | noeglekort.png | nemlog-in.dk/resources/images/ | 20 KB | 20 KB | Image | image/png |
GET | H2 | tabLeft.png | nemlog-in.dk/resources/images/ | 479 B | 536 B | Image | image/png |
GET | H2 | tabRight.png | nemlog-in.dk/resources/images/ | 504 B | 545 B | Image | image/png |
GET | H2 | noeglefilhvid.png | nemlog-in.dk/resources/images/ | 19 KB | 19 KB | Image | image/png |
GET | DATA | truncated | / | 473 B | 0 | Image | image/gif |
GET | H2 | adrum-ext.15ad9e12c414858a5e6cfdfb1f2331b1.js | cdn.appdynamics.com/ | 50 KB | 20 KB | Script | application/javascript |
POST | H/1.1 | adrum | col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/ | 0 | 812 B | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DK Government (Government)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | onformdata
- object | onpointerrawupdate
- function | $
- function | jQuery
- object | jQuery19006239079283256783
- object | ADRUM
- number | adrum-start-time
- function | resizeIframe
- function | deletecookies
- function | disableControls
- function | setCookie
- function | getCookie
- function | checkCookieExists
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.