auth-serveronline-serv.de
Open in
urlscan Pro
172.67.200.113
Malicious Activity!
Public Scan
Submission: On May 15 via manual from NO — Scanned from NO
Summary
TLS certificate: Issued by GTS CA 1P5 on April 21st 2024. Valid for: 3 months.
This is the only time auth-serveronline-serv.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes Show Verdicts
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 172.67.200.113 172.67.200.113 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.17.248.203 104.17.248.203 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 216.58.206.42 216.58.206.42 | 15169 (GOOGLE) (GOOGLE) | |
6 | 4 |
ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f10.1e100.net
fonts.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
auth-serveronline-serv.de
auth-serveronline-serv.de |
157 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
1 KB |
1 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 771 |
16 KB |
6 | 3 |
Domain | Requested by | |
---|---|---|
4 | auth-serveronline-serv.de |
auth-serveronline-serv.de
|
1 | fonts.googleapis.com |
auth-serveronline-serv.de
|
1 | unpkg.com |
auth-serveronline-serv.de
|
6 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
auth-serveronline-serv.de GTS CA 1P5 |
2024-04-21 - 2024-07-20 |
3 months | crt.sh |
unpkg.com GTS CA 1P5 |
2024-04-01 - 2024-06-30 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth-serveronline-serv.de/Skatteetatennorpersonbetaling-og-innkrevinggenereltominnkrevinginnkrevingssentralenforbidragogtilbakebetalingskrav/
Frame ID: D34CD4B81CCCAA469F59F7E74AACB0CB
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
SkatteetatenPage URL History Show full URLs
- https://auth-serveronline-serv.de/Skatteetatennorpersonbetaling-og-innkrevinggenereltominnkrevinginnkrevingsse... Page URL
- https://auth-serveronline-serv.de/Skatteetatennorpersonbetaling-og-innkrevinggenereltominnkrevinginnkrevingsse... Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://auth-serveronline-serv.de/Skatteetatennorpersonbetaling-og-innkrevinggenereltominnkrevinginnkrevingssentralenforbidragogtilbakebetalingskrav/ Page URL
- https://auth-serveronline-serv.de/Skatteetatennorpersonbetaling-og-innkrevinggenereltominnkrevinginnkrevingssentralenforbidragogtilbakebetalingskrav/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
auth-serveronline-serv.de/Skatteetatennorpersonbetaling-og-innkrevinggenereltominnkrevinginnkrevingssentralenforbidragogtilbakebetalingskrav/ |
298 B 684 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
auth-serveronline-serv.de/ |
315 B 555 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
auth-serveronline-serv.de/Skatteetatennorpersonbetaling-og-innkrevinggenereltominnkrevinginnkrevingssentralenforbidragogtilbakebetalingskrav/ |
293 KB 143 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boxicons.min.css
unpkg.com/boxicons@2.1.4/css/ |
66 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
23 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
25 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
84 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
code.js
auth-serveronline-serv.de/Skatteetatennorpersonbetaling-og-innkrevinggenereltominnkrevinginnkrevingssentralenforbidragogtilbakebetalingskrav/ |
45 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Malicious
page.url
Submitted on
May 15th 2024, 8:27:34 am
UTC —
From Norway
Threats:
Phishing
Brand Impersonation
Brands:
Skatteetaten
NO
Comment: Phishing targeting Norwegian Tax Administation (Skatteetaten)
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onorientationchange number| orientation number| WAITING_DURATION string| ACTUAL_LINK object| Tables object| _tables number| width number| height object| jscd1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
auth-serveronline-serv.de/ | Name: pass Value: 158.248.14.51 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth-serveronline-serv.de
fonts.googleapis.com
unpkg.com
104.17.248.203
172.67.200.113
216.58.206.42
02aeb26b70fc884985efbb066f75f3c02254029e26ff61828b76b6c4ebc9249f
1d9b7bf1e990d15afc2dbe9bb849ba4e3092c82061f6bb8783e3b7c21895546b
29036c843d081234f47c2bf875330eddd7984255285395ca13029e1ef3245d9c
3a5a6afc4b6a0fd649268e39acd215290c412f91ef168c8838bf4ae401fe2ac5
59b36c5e0c101fb8865e4c8a65450c3a07b93a4503f7da086561e0fc9dccad17
620eea24b0cee1d8cc8395c80f295cf2e7b6fab962493c26b49a8d42b63a4dc9
aaf0fd7258e4f9b4a8beacb41bf0d338c5e1e1760c4ee4de66596d1b4005e84e
aff1dd9aa5a743ab2db4492bb6fd63edc8571c6f405a7fd687700fc0e681ff37
bfde8c54a881d817947f982840cf7963dd028c4a09d62642d9763b60aa587307
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
ed9e22ea83580877b1699aace1d2e3a49a0e31a9e912f9e9333c94b655e238eb