cert.login.opdater.app.3-142-69-235.cprapid.com
Open in
urlscan Pro
3.142.69.235
Malicious Activity!
Public Scan
URL:
https://cert.login.opdater.app.3-142-69-235.cprapid.com/mitid/dklogin.php
Submission: On March 03 via api from JP — Scanned from JP
Submission: On March 03 via api from JP — Scanned from JP
Summary
This website contacted 17 IPs
in 4 countries
across 14 domains to perform 55 HTTP transactions.
The main IP is 3.142.69.235, located in
Columbus, United States and
belongs to AMAZON-02, US.
The main domain is cert.login.opdater.app.3-142-69-235.cprapid.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 28th 2023. Valid for: 3 months.
This is the only time cert.login.opdater.app.3-142-69-235.cprapid.com was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 28th 2023. Valid for: 3 months.
This is the only time cert.login.opdater.app.3-142-69-235.cprapid.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nordea (Banking)Domain & IP information
23
3.142.69.235
(Columbus, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-69-235.us-east-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-69-235.us-east-2.compute.amazonaws.com
| cert.login.opdater.app.3-142-69-235.cprapid.com |
1
67.202.105.33
(Palos Park, United States)
ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
| ic.tynt.com |
1
67.202.105.32
(Palos Park, United States)
ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
| de.tynt.com |
1
18.65.202.80
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-65-202-80.nrt57.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-65-202-80.nrt57.r.cloudfront.net
| get.s-onetag.com |
3
65.9.42.72
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-72.nrt12.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-72.nrt12.r.cloudfront.net
| tags.crwdcntrl.net |
1
18.65.202.8
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-65-202-8.nrt57.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-65-202-8.nrt57.r.cloudfront.net
| onetag-geo.s-onetag.com |
6
18.182.162.20
(Tokyo, Japan)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-162-20.ap-northeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-162-20.ap-northeast-1.compute.amazonaws.com
| ps.eyeota.net |
4
172.217.161.34
(United States)
ASN15169 (GOOGLE, US)
PTR: nrt12s23-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: nrt12s23-in-f2.1e100.net
| cm.g.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 23 |
cprapid.com
cert.login.opdater.app.3-142-69-235.cprapid.com |
620 KB |
| 6 |
eyeota.net
4 redirects
ps.eyeota.net — Cisco Umbrella Rank: 1027 |
4 KB |
| 4 |
doubleclick.net
4 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 202 |
2 KB |
| 4 |
crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1183 bcp.crwdcntrl.net |
28 KB |
| 3 |
s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4085 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4939 data-beacons.s-onetag.com |
14 KB |
| 3 |
tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 10365 ic.tynt.com — Cisco Umbrella Rank: 6189 de.tynt.com — Cisco Umbrella Rank: 1556 |
9 KB |
| 3 |
dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 14901 |
5 KB |
| 2 |
lijit.com
1 redirects
ap.lijit.com |
1 KB |
| 2 |
amung.us
widgets.amung.us — Cisco Umbrella Rank: 14852 whos.amung.us — Cisco Umbrella Rank: 15518 |
4 KB |
| 1 |
33across.com
cdn-tc.33across.com — Cisco Umbrella Rank: 18270 |
458 B |
| 1 |
zeotap.com
spl.zeotap.com |
|
| 1 |
onaudience.com
1 redirects
pixel.onaudience.com — Cisco Umbrella Rank: 2072 |
398 B |
| 1 |
dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 16541 |
595 B |
| 0 |
mitid.dk
Failed
www.mitid.dk Failed |
|
| 55 | 14 |
| Domain | Requested by | |
|---|---|---|
| 23 | cert.login.opdater.app.3-142-69-235.cprapid.com |
cert.login.opdater.app.3-142-69-235.cprapid.com
|
| 6 | ps.eyeota.net |
4 redirects
cert.login.opdater.app.3-142-69-235.cprapid.com
|
| 4 | cm.g.doubleclick.net | 4 redirects |
| 3 | tags.crwdcntrl.net |
t.dtscout.com
cdn-tc.33across.com tags.crwdcntrl.net |
| 3 | t.dtscout.com |
widgets.amung.us
t.dtscout.com |
| 2 | ap.lijit.com | 1 redirects |
| 1 | data-beacons.s-onetag.com |
get.s-onetag.com
|
| 1 | bcp.crwdcntrl.net |
tags.crwdcntrl.net
|
| 1 | cdn-tc.33across.com |
de.tynt.com
|
| 1 | onetag-geo.s-onetag.com |
get.s-onetag.com
|
| 1 | spl.zeotap.com |
cert.login.opdater.app.3-142-69-235.cprapid.com
|
| 1 | pixel.onaudience.com | 1 redirects |
| 1 | t.dtscdn.com |
t.dtscout.com
|
| 1 | get.s-onetag.com |
t.dtscout.com
|
| 1 | de.tynt.com |
cdn.tynt.com
|
| 1 | ic.tynt.com |
cert.login.opdater.app.3-142-69-235.cprapid.com
|
| 1 | cdn.tynt.com |
widgets.amung.us
|
| 1 | whos.amung.us |
widgets.amung.us
|
| 1 | widgets.amung.us |
cert.login.opdater.app.3-142-69-235.cprapid.com
|
| 0 | www.mitid.dk Failed |
cert.login.opdater.app.3-142-69-235.cprapid.com
|
| 55 | 20 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.nordea.dk |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| cert.login.opdater.app.3-142-69-235.cprapid.com cPanel, Inc. Certification Authority |
2023-02-28 - 2023-05-29 |
3 months | crt.sh |
| *.amung.us Sectigo RSA Domain Validation Secure Server CA |
2022-05-18 - 2023-06-17 |
a year | crt.sh |
| *.dtscout.com GTS CA 1P5 |
2023-01-29 - 2023-04-29 |
3 months | crt.sh |
| *.tynt.com Sectigo RSA Domain Validation Secure Server CA |
2022-09-07 - 2023-09-30 |
a year | crt.sh |
| *.s-onetag.com Amazon RSA 2048 M01 |
2023-02-23 - 2024-01-02 |
10 months | crt.sh |
| *.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2022-05-01 - 2023-06-02 |
a year | crt.sh |
| *.dtscdn.com GTS CA 1P5 |
2023-01-24 - 2023-04-24 |
3 months | crt.sh |
| *.33across.com Sectigo RSA Domain Validation Secure Server CA |
2022-09-06 - 2023-09-30 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://cert.login.opdater.app.3-142-69-235.cprapid.com/mitid/dklogin.php
Frame ID: 6C4C0A323992CCDEE6938742AE31B950
Requests: 52 HTTP requests in this frame
Frame:
https://t.dtscout.com/idg/?su=6D001677809054073527FEF69D591C02
Frame ID: E6CD5A56811283C201B2331F51D02E58
Requests: 1 HTTP requests in this frame
Frame:
https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 5E0D496EAC069173DDB3CDEE8E3E6E88
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Nordea - identifikationMitIDDetected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://www.nordea.dk/nordeaid
Title: www.nordea.dk
Title: www.nordea.dk
Search URL Search Domain Scan URL
URL: https://www.nordea.dk/nordea-id
Title: www.nordea.dk/nordea-id
Title: www.nordea.dk/nordea-id
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 43- https://pixel.onaudience.com/?partner=137085098&mapped=6D001677809054073527FEF69D591C02 HTTP 302
- https://spl.zeotap.com/?zdid=1332&zcluid=0a8f6b3cb59cdcbf
- https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=D%2BFJI2QBVaBXbEuvZitYKg%3D%3D&us_privacy=&33random=1677809056380.1&cat=33across HTTP 302
- https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=D%2BFJI2QBVaBXbEuvZitYKg%3D%3D&us_privacy=&33random=1677809056380.1&cat=33across HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mmt4bjZpa28xTkpGd2dua1IzR09kLVlrZS16MDhvaGhfWU1ESmhCdDhLMEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mmt4bjZpa28xTkpGd2dua1IzR09kLVlrZS16MDhvaGhfWU1ESmhCdDhLMEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
- https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEFn7yNETDRmJ6O85ohhKD3Y&google_cver=1
- https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=D%2BFJI2QBVaBXbEuvZitYKg%3D%3D&us_privacy=&33random=1677809056380.3&cat=33across HTTP 302
- https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=D%2BFJI2QBVaBXbEuvZitYKg%3D%3D&us_privacy=&33random=1677809056380.3&cat=33across HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnNJU1FNbUFGTXZyX3pRUDRWR3pvbGc0c0Y1Tm15cXZ3aFhpUG1sOU02dDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnNJU1FNbUFGTXZyX3pRUDRWR3pvbGc0c0Y1Tm15cXZ3aFhpUG1sOU02dDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
- https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEOPFP2971HvW7ZYa7G-aosA&google_cver=1
- https://ap.lijit.com/readerinfo/v2 HTTP 307
- https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
55 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
dklogin.php
cert.login.opdater.app.3-142-69-235.cprapid.com/mitid/ |
94 KB 95 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
cert.login.opdater.app.3-142-69-235.cprapid.com/mitid/all/ |
45 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mitid-4aead61655620afca545eded5d36aa1e.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
codes_app-a89defc476c5ea3f806b6f5360157e81.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
qr_code-c086a1064a1535f8761f7ebef31e5fc5.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
qrt-78c4b15d93ca856686f6b6f3fa0ce872.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
key-ca4ef88caabfc9bc5dc60a9d9fe78fa3.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
scripts-5abe3803d3e5a9e3f93b7ca687779a67.js
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
bootstrapper.a29ccd9579584e71dfba.js
www.mitid.dk/mitid-core-client-backend/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
coreclient.e998ecf45cf7712a1b62.js
www.mitid.dk/mitid-core-client-backend/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
cert.login.opdater.app.3-142-69-235.cprapid.com/mitid/partials/js/ |
266 KB 266 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
no-connection-83f79e2367a313b468986e12a237c346.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
empty-3857ebe69f653487f8c9d99adde4657f.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
4 KB 4 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
service-break-f426cda35f41e4c0b7c30c814b5eb2ee.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
8 KB 8 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
qrcode-0ee52d9cc6e123879ec6846246f9eff0.js
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5e73b3c67b0510c4c5cf-6629cb5350d6f3276b2dccc43bd3f397.png
cert.login.opdater.app.3-142-69-235.cprapid.com/mitid/all/ |
39 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff
cert.login.opdater.app.3-142-69-235.cprapid.com/mitid/all/ |
30 KB 31 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff
cert.login.opdater.app.3-142-69-235.cprapid.com/mitid/all/ |
31 KB 31 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
IBMPlexSans-Bold.woff2
www.mitid.dk/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
IBMPlexSans-SemiBold.woff2
www.mitid.dk/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
IBMPlexSans.woff2
www.mitid.dk/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
IBMPlexSans-Medium.woff2
www.mitid.dk/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/images/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
scripts-5abe3803d3e5a9e3f93b7ca687779a67.js
cert.login.opdater.app.3-142-69-235.cprapid.com/assets/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
small.js
widgets.amung.us/ |
8 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
IBMPlexSans-Bold.woff
www.mitid.dk/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
IBMPlexSans-SemiBold.woff
www.mitid.dk/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
IBMPlexSans.woff
www.mitid.dk/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
IBMPlexSans-Medium.woff
www.mitid.dk/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
t.dtscout.com/i/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
whos.amung.us/pingjs/ |
27 B 151 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
status.php
cert.login.opdater.app.3-142-69-235.cprapid.com/mitid/partials/ |
0 293 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tc.js
cdn.tynt.com/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
439 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
ic.tynt.com/b/ |
35 B 648 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v2
de.tynt.com/deb/ |
815 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
t.dtscout.com/idg/ Frame E6CD |
1 KB 725 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ |
33 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
t.dtscout.com/pv/ |
51 B 353 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ |
52 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
t.dtscdn.com/widget/ |
0 595 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
spl.zeotap.com/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
onetag-geo.s-onetag.com/ |
535 B 943 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lotame-sync.html
cdn-tc.33across.com/ Frame 5E0D |
343 B 458 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
match
ps.eyeota.net/ Redirect Chain
|
70 B 440 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
match
ps.eyeota.net/ Redirect Chain
|
70 B 440 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
status.php
cert.login.opdater.app.3-142-69-235.cprapid.com/mitid/partials/ |
0 293 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame 5E0D |
32 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
map
bcp.crwdcntrl.net/6/ Frame 5E0D |
235 B 694 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dataBeacons.min.js
data-beacons.s-onetag.com/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
v2
ap.lijit.com/readerinfo/ Redirect Chain
|
41 B 495 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ |
4 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
data
bcp.crwdcntrl.net/6/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.mitid.dk
- URL
- https://www.mitid.dk/mitid-core-client-backend/v1/bootstrapper.a29ccd9579584e71dfba.js
- Domain
- www.mitid.dk
- URL
- https://www.mitid.dk/mitid-core-client-backend/v1/coreclient.e998ecf45cf7712a1b62.js
- Domain
- www.mitid.dk
- URL
- https://www.mitid.dk/assets/fonts/IBMPlexSans-Bold.woff2
- Domain
- www.mitid.dk
- URL
- https://www.mitid.dk/assets/fonts/IBMPlexSans-SemiBold.woff2
- Domain
- www.mitid.dk
- URL
- https://www.mitid.dk/assets/fonts/IBMPlexSans.woff2
- Domain
- www.mitid.dk
- URL
- https://www.mitid.dk/assets/fonts/IBMPlexSans-Medium.woff2
- Domain
- www.mitid.dk
- URL
- https://www.mitid.dk/assets/fonts/IBMPlexSans-Bold.woff
- Domain
- www.mitid.dk
- URL
- https://www.mitid.dk/assets/fonts/IBMPlexSans-SemiBold.woff
- Domain
- www.mitid.dk
- URL
- https://www.mitid.dk/assets/fonts/IBMPlexSans.woff
- Domain
- www.mitid.dk
- URL
- https://www.mitid.dk/assets/fonts/IBMPlexSans-Medium.woff
- Domain
- bcp.crwdcntrl.net
- URL
- https://bcp.crwdcntrl.net/6/data
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nordea (Banking)217 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 boolean| credentialless function| safeLog function| $ function| jQuery number| interval function| userStatus object| _wau object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| x string| x1 string| x2 object| Tynt object| _33Across function| __uspapi object| a object| cv object| _dtspv object| lotame_3825 number| char object| __connect function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_ga object| lt3825_ object| lt3825_ka object| lt3825_la object| lt3825_Qa object| lt3825_Ra object| lt3825_7 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_g function| lt3825_h function| lt3825_i function| lt3825_j function| lt3825_k function| lt3825_ia function| lt3825_ha function| lt3825_l function| lt3825_m function| lt3825_ja function| lt3825_n function| lt3825_o function| lt3825_p function| lt3825_q function| lt3825_r function| lt3825_pa function| lt3825_ma function| lt3825_na function| lt3825_t function| lt3825_oa function| lt3825_u function| lt3825_v function| lt3825_w function| lt3825_x function| lt3825_s function| lt3825_y function| lt3825_z function| lt3825_qa function| lt3825_A function| lt3825_B function| lt3825_ra function| lt3825_C function| lt3825_D function| lt3825_sa function| lt3825_E function| lt3825_F function| lt3825_G function| lt3825_ta function| lt3825_I function| lt3825_J function| lt3825_H function| lt3825_ua function| lt3825_K function| lt3825_L function| lt3825_va function| lt3825_wa function| lt3825_M function| lt3825_xa function| lt3825_ya function| lt3825_za function| lt3825_Da function| lt3825_Aa function| lt3825_Ba function| lt3825_Ca function| lt3825_Ea function| lt3825_Ga function| lt3825_Fa function| lt3825_N function| lt3825_Ha function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_Ma function| lt3825_Na function| lt3825_Oa function| lt3825_Pa function| lt3825_O function| lt3825_Sa function| lt3825_P function| lt3825_Q function| lt3825_R function| lt3825_S function| lt3825_Ta function| lt3825_T function| lt3825_U function| lt3825_Ua function| lt3825_Va function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_Wa function| lt3825_Ya function| lt3825_Xa function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_1 function| lt3825_4 function| lt3825__a function| lt3825_1a function| lt3825_0a function| lt3825_3a function| lt3825_2a function| lt3825_2 function| lt3825_4a function| lt3825_5a function| lt3825_3 function| lt3825_Za function| lt3825_6a function| lt3825_7a function| lt3825_8a function| lt3825_9a function| lt3825_5 function| lt3825_6 function| lt3825_$a function| lt3825_ab function| lt3825_bb function| lt3825_cb function| lt3825_db function| lt3825_eb function| lt3825_fb function| lt3825_gb function| lt3825_hb function| lt3825_ib function| lt3825_8 function| lt3825_lb function| lt3825_mb function| lt3825_kb function| lt3825_jb function| lt3825_ob function| lt3825_nb function| lt3825_qb function| lt3825_pb function| lt3825_rb function| lt3825_sb function| lt3825_tb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_yb function| lt3825_Bb function| lt3825_Ab function| lt3825_xb function| lt3825_Eb function| lt3825_zb function| lt3825_Cb function| lt3825_Gb function| lt3825_Fb function| lt3825_Hb function| lt3825_Db function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_9 function| lt3825_Lb function| lt3825_Mb function| lt3825_Nb function| lt3825_Ob function| lt3825_Pb function| lt3825_$ function| lt3825_Qb function| lt3825_Rb function| lt3825_Sb function| lt3825_Tb function| lt3825_Ub function| lt3825_Vb function| lt3825_Wb function| lt3825_Xb function| lt3825_Zb function| lt3825__b function| lt3825_0b function| lt3825_Yb15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| cert.login.opdater.app.3-142-69-235.cprapid.com/ | Name: PHPSESSID Value: 711a5a731e376080c1b34b9bcaa5c204 |
|
| .dtscout.com/ | Name: m Value: 1 |
|
| .dtscout.com/ | Name: oa Value: 1 |
|
| .dtscout.com/ | Name: df Value: 1677809054 |
|
| .dtscout.com/ | Name: l Value: 6D001677809054073527FEF69D591C02 |
|
| .cprapid.com/ | Name: __dtsu Value: 6D001677809054073527FEF69D591C02 |
|
| .tynt.com/ | Name: uid Value: D+FJI2QBVaBXbEuvZitYKg== |
|
| .tynt.com/ | Name: pids Value: %5B%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1677809056380%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1677809056380%7D%5D |
|
| .dtscdn.com/ | Name: uid Value: 6D001677809054073527FEF69D591C02 |
|
| .cprapid.com/ | Name: lotame_domain_check Value: cprapid.com |
|
| .eyeota.net/ | Name: mako_uid Value: 186a5367d60-18510000010e4709 |
|
| .eyeota.net/ | Name: SERVERID Value: 18185~DM |
|
| .onaudience.com/ | Name: cookie Value: 0a8f6b3cb59cdcbf |
|
| .onaudience.com/ | Name: done_redirects219 Value: 1 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlNaFH_SzeYZpQO94UbSkUyIvoOvuf1yr4iWN8sG9AUBKz6pzpwdHd-PLR9l2U |
37 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ap.lijit.com
bcp.crwdcntrl.net
cdn-tc.33across.com
cdn.tynt.com
cert.login.opdater.app.3-142-69-235.cprapid.com
cm.g.doubleclick.net
data-beacons.s-onetag.com
de.tynt.com
get.s-onetag.com
ic.tynt.com
onetag-geo.s-onetag.com
pixel.onaudience.com
ps.eyeota.net
spl.zeotap.com
t.dtscdn.com
t.dtscout.com
tags.crwdcntrl.net
whos.amung.us
widgets.amung.us
www.mitid.dk
bcp.crwdcntrl.net
www.mitid.dk
104.18.35.34
104.22.24.87
104.26.13.60
13.214.27.230
141.101.120.11
141.94.171.216
172.217.161.34
172.64.151.83
172.67.8.141
18.182.162.20
18.65.168.112
18.65.202.8
18.65.202.80
209.191.163.208
3.142.69.235
65.9.42.72
67.202.105.32
67.202.105.33
0478d25f0b497355fa4e139c4e6ea93bb16fe40e79c60252237669a960f66b6c
07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9
0a075be67e55a6c9ec942574c776f3672174968da1e1727684b4fe41384f4fc1
0eb458b81f5c9987d9c96d8a80837c69808029e7ce8a374cb63707153f08ba67
1014abfbc4068ac651fffed13b57dce3772fbda6a39cbd215cfe0e91616b5f07
121320e903a317e871d5a3023747b9e959c46c3042d1f644d9800a29108753e4
1c4e41b5a0745895a0e2bf0cdef30c3947d0ae182f10dba826682cabc640bce0
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
21a2a17b532837aeafeb95de9f252bfec714028517f79fb4143845ca4d23353c
2bbe5dc049d7c24d18fa1623f48772832cbfa6f3281df6b41723b9bd7f3be7f9
301923a8684567ddd77b4004aaa739481a89b215526174b49e0ec42620cdf1b9
31544210a891dd6ed499b72b7fe3e961c7a3f6ecac8503bd242d235fedc5d7e0
357ef243d097a244878fdd9bec07774c9d8278a0581642e2c5dad68365349010
43a6c2d100e02547cd778ec119f00cd708ee2071fc04a9250a2eab181c706bc7
4ef5f864f89db7feaaaa5332c0a99d76076af49fef488806541ca2561e4cb379
53e2486f981dcefa83475d740137f0584f8ce39645c317a83845dc71f035184b
58bb8299d12e5da9f688e2e5b299a4eeaa790c58a47f68275c0d119b98e7c837
5f59b4200602d3414eb4caf9c11811a57f781315d805679a0f57c954b9692314
6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda
6f255f0eb0f9c247862dc5ebfe6392e4bf27650fd68fc97f87d2d943ad170b49
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
7fccdf59f5dec8ddbf11ed9f5e28cf80e6424389a35d5a4b76ef39f2df02f8be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
871f46c8aa881f798f310a0a9e880cf1d0dca73c699d7b08769ad2daf6826a8d
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9c661f7a5732b65998c26a32adb2573a935d7429b18afe36f4a2d4575ea53b6f
9dab070ee75ce06cf5e8bb6ab989f0130e40f216a1a717d6a0538a57f5143fec
9fc5b5c44107cfc6701be07fa5d5a4d7ab066607dd7ab6e9f396ac709e28424f
a98d472e111682c81bf86ae19c44f038bc27df1b79d480d81bd2dd887ae4c776
c2a41c4739f7c58ef5083c0f09be825450207eccdd78d23c61c471ce82ac46ea
cfe3ad2f09c592531b82c9ea0e3be29883e1e7caf5469635c2a8e9732fefb846
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e04b1416c9d1f0895f4930169e9474cb459957cfd5873740783ed3981af6336c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e725e43a8e0661261ff8f16ce5d21d2c4b56c0e7a5c7fcee62fe439ef66ee813
eef1d67eaacc0c3c2f7e77dcaa664e5b09e5edbce57b12ef73035993c057da18
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
ff28a732b1fc6a547797b7a9a7c29025ae41b74cc5e208232418d9c41fb43c44