enroll.3dsecure.no
93.190.87.70
Malicious Activity!
Public Scan
Submission: On October 04 via api from LT
Summary
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on October 25th 2017. Valid for: 2 years.
This is the only time enroll.3dsecure.no was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
10 | 93.190.87.70 | 200163 (NO-ITERANETWORKS) |
10 | 1 |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
10 | 3dsecure.no / enroll.3dsecure.no | 164 KB |
10 | 1 |
Requests | Domain | Requested by |
---|---|---|
10 | enroll.3dsecure.no | enroll.3dsecure.no |
10 | 1 |
Subject / Issuer | Validity | Valid |
---|---|---|
enroll.3dsecure.no / GlobalSign Extended Validation CA - SHA256 - G3 | 2017-10-25 - 2019-12-14 | 2 years |
This page contains 1 frames:
Primary Page:
https://enroll.3dsecure.no/nets-nemid-enroller/EnrollSite;jsessionid=82BB49D605BF443339CB0016CF54A913;jsessionid=14520AEE5F5016C196FF1E250A508E63?action=exit
Frame ID: 6E37CB4CDC90201D9C9AF78DD03DBB64
Requests: 10 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: her
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | EnrollSite;jsessionid=82BB49D605BF443339CB0016CF54A913;jsessionid=14520AEE5F5016C196FF1E250A508E63 (Primary Request) | enroll.3dsecure.no/nets-nemid-enroller/ | 3 KB | 3 KB | Document | text/html |
GET H/1.1 | nets.css | enroll.3dsecure.no/nets-nemid-enroller/templates/css/ | 9 KB | 9 KB | Stylesheet | text/css |
GET H/1.1 | gh-buttons.css | enroll.3dsecure.no/nets-nemid-enroller/templates/css/ | 13 KB | 13 KB | Stylesheet | text/css |
GET H/1.1 | jquery-3.3.1.min.js | enroll.3dsecure.no/nets-nemid-enroller/templates/js/ | 85 KB | 85 KB | Script | application/javascript |
GET H/1.1 | EnrollmentBanner.jpg | enroll.3dsecure.no/nets-nemid-enroller/templates/images/ | 15 KB | 15 KB | Image | image/jpeg |
GET H/1.1 | Dankort_logo.svg | enroll.3dsecure.no/nets-nemid-enroller/templates/images/ | 15 KB | 16 KB | Image | image/svg+xml |
GET H/1.1 | 1.svg | enroll.3dsecure.no/nets-nemid-enroller/templates/images/ | 7 KB | 7 KB | Image | image/svg+xml |
GET H/1.1 | 2.svg | enroll.3dsecure.no/nets-nemid-enroller/templates/images/ | 10 KB | 11 KB | Image | image/svg+xml |
GET H/1.1 | gb.svg | enroll.3dsecure.no/nets-nemid-enroller/templates/images/ | 956 B | 1 KB | Image | image/svg+xml |
GET H/1.1 | gh-icons.png | enroll.3dsecure.no/nets-nemid-enroller/templates/images/ | 4 KB | 4 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- function| $
- function| jQuery
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.