application-login.tlv.se Open in urlscan Pro
164.40.179.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://application-login.tlv.se/
Effective URL:
https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP
Submission: On October 28 via automatic, source certstream-suspicious (October 28th 2020, 2:19:46 pm UTC)

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 164.40.179.27, located in Sweden and belongs to BASEFARM-SE-ASN Basefarm AB. Stockholm - Sweden, SE. The main domain is application-login.tlv.se.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 14th 2019. Valid for: 2 years.

This is the only time application-login.tlv.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 9	164.40.179.27 164.40.179.27		8523 (BASEFARM-...) (BASEFARM-SE-ASN Basefarm AB. Stockholm - Sweden)
8	1

9 164.40.179.27 (Sweden) 1 redirects

ASN8523 (BASEFARM-SE-ASN Basefarm AB. Stockholm - Sweden, SE)
PTR: tns-p-tlv-app-vip.sth.basefarm.net

application-login.tlv.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tlv.se 1 redirects application-login.tlv.se	242 KB
8	1

	Domain	Requested by
9	application-login.tlv.se	1 redirects application-login.tlv.se
8	1

This site contains links to these domains. Also see Links.

Domain
www.tlv.se

Subject Issuer	Validity	Valid
*.tlv.se DigiCert SHA2 Secure Server CA	`2019-11-14` - `2021-11-18`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP
Frame ID: 1D7BD0B57735A66E868C6D0918E7EBC2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://application-login.tlv.se/ Page URL
https://application-login.tlv.se/wa/desktop.html HTTP 302
https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

241 kB
Transfer

240 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.tlv.se/
Title: About

Search URL Search Domain Scan URL

URL: http://www.tlv.se/tlv/organisation/kontakta-oss/
Title: Contact

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://application-login.tlv.se/ Page URL
https://application-login.tlv.se/wa/desktop.html HTTP 302
https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 Ok	Cookie set / Show response application-login.tlv.se/	278 B 613 B	225ms 37ms	Document text/html	164.40.179.27 Sweden
General Check archive.org Show headers Download Go to Full URL https://application-login.tlv.se/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.40.179.27 , Sweden, ASN8523 (BASEFARM-SE-ASN Basefarm AB. Stockholm - Sweden, SE), Reverse DNS tns-p-tlv-app-vip.sth.basefarm.net Software / Resource Hash `fded6fc3a732f59edb20bf8ef59034f7d5503518eb7eb7c015a377233e955596` Request headers Host application-login.tlv.se Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 28 Oct 2020 14:19:29 GMT Content-Type text/html Set-Cookie WASID_HAG=c52092d4cdee634d; path=/; domain=.tlv.se; httponly WAAK_HAG=ae432af897afc766a3eacfcb6ca75d7e; path=/; domain=.tlv.se; secure; httponly UPD=7; path=/; domain=.tlv.se Transfer-Encoding chunked
GET H/1.1	200 Ok	jquery.min.js application-login.tlv.se/wa/ext/	91 KB 91 KB	37ms 37ms	Script application/x-javascript	164.40.179.27 Sweden
General Check archive.org Show headers Download Go to Full URL https://application-login.tlv.se/wa/ext/jquery.min.js Requested by Host: application-login.tlv.se URL: https://application-login.tlv.se/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.40.179.27 , Sweden, ASN8523 (BASEFARM-SE-ASN Basefarm AB. Stockholm - Sweden, SE), Reverse DNS tns-p-tlv-app-vip.sth.basefarm.net Software / Resource Hash Request headers Referer https://application-login.tlv.se/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 28 Oct 2020 14:19:29 GMT Cache-control no-store Content-Length 93436 Content-Type application/x-javascript
GET H/1.1	200 Ok	Primary Request auth Show response application-login.tlv.se/wa/ Redirect Chain https://application-login.tlv.se/wa/desktop.html https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP	5 KB 5 KB	40ms 39ms	Document text/html	164.40.179.27 Sweden
General Check archive.org Show headers Download Go to Full URL https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP Requested by Host: application-login.tlv.se URL: https://application-login.tlv.se/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.40.179.27 , Sweden, ASN8523 (BASEFARM-SE-ASN Basefarm AB. Stockholm - Sweden, SE), Reverse DNS tns-p-tlv-app-vip.sth.basefarm.net Software / Resource Hash `c1f7c4be99e691ea0dcf0fc5134046d4e30d8b245fa0a644e0d9590b9b340c13` Request headers Host application-login.tlv.se Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://application-login.tlv.se/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie WASID_HAG=c52092d4cdee634d; WAAK_HAG=ae432af897afc766a3eacfcb6ca75d7e; UPD=7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://application-login.tlv.se/ Response headers Date Wed, 28 Oct 2020 14:19:29 GMT Content-Type text/html; charset=UTF-8 Cache-control no-store Transfer-Encoding chunked Redirect headers Date Wed, 28 Oct 2020 14:19:29 GMT Location https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP Content-Length 1 Cache-control no-store
GET H/1.1	200 Ok	tlv.css application-login.tlv.se/wa/css/	45 KB 45 KB	38ms 37ms	Stylesheet text/css	164.40.179.27 Sweden
General Check archive.org Show headers Download Go to Full URL https://application-login.tlv.se/wa/css/tlv.css Requested by Host: application-login.tlv.se URL: https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.40.179.27 , Sweden, ASN8523 (BASEFARM-SE-ASN Basefarm AB. Stockholm - Sweden, SE), Reverse DNS tns-p-tlv-app-vip.sth.basefarm.net Software / Resource Hash `c5ea6736ba8a46db4f70fc83e22cb78965cd6ad932989d68d89541138fb1fee9` Request headers Referer https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 28 Oct 2020 14:19:29 GMT Cache-control no-store Content-Length 45868 Content-Type text/css
GET H/1.1	200 Ok	jquery.js Show response application-login.tlv.se/wa/scripts/	94 KB 94 KB	82ms 37ms	Script application/x-javascript	164.40.179.27 Sweden
General Check archive.org Show headers Download Go to Full URL https://application-login.tlv.se/wa/scripts/jquery.js Requested by Host: application-login.tlv.se URL: https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.40.179.27 , Sweden, ASN8523 (BASEFARM-SE-ASN Basefarm AB. Stockholm - Sweden, SE), Reverse DNS tns-p-tlv-app-vip.sth.basefarm.net Software / Resource Hash `ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8` Request headers Referer https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 28 Oct 2020 14:19:29 GMT Cache-control no-store Content-Length 95957 Content-Type application/x-javascript
GET H/1.1	200 Ok	token_selection.js Show response application-login.tlv.se/wa/authmech/base/	559 B 701 B	107ms 36ms	Script application/x-javascript	164.40.179.27 Sweden
General Check archive.org Show headers Download Go to Full URL https://application-login.tlv.se/wa/authmech/base/token_selection.js Requested by Host: application-login.tlv.se URL: https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.40.179.27 , Sweden, ASN8523 (BASEFARM-SE-ASN Basefarm AB. Stockholm - Sweden, SE), Reverse DNS tns-p-tlv-app-vip.sth.basefarm.net Software / Resource Hash `30ed15ce2bc1f76c4040f5c3a13a849b2b44d4e26d11886e215114484c74998b` Request headers Referer https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 28 Oct 2020 14:19:30 GMT Cache-control no-store Content-Length 559 Content-Type application/x-javascript
GET H/1.1	200 Ok	focus.js Show response application-login.tlv.se/wa/scripts/	293 B 435 B	107ms 36ms	Script application/x-javascript	164.40.179.27 Sweden
General Check archive.org Show headers Download Go to Full URL https://application-login.tlv.se/wa/scripts/focus.js Requested by Host: application-login.tlv.se URL: https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.40.179.27 , Sweden, ASN8523 (BASEFARM-SE-ASN Basefarm AB. Stockholm - Sweden, SE), Reverse DNS tns-p-tlv-app-vip.sth.basefarm.net Software / Resource Hash `2f18d23208f750aca6e1af194e6824e647e8c5808c94dd81f9e4f0e66141e4b9` Request headers Referer https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 28 Oct 2020 14:19:30 GMT Cache-control no-store Content-Length 293 Content-Type application/x-javascript
GET H/1.1	200 Ok	tlv_logo_200px.png application-login.tlv.se/wa/img/	5 KB 5 KB	37ms 37ms	Image image/png	164.40.179.27 Sweden
General Check archive.org Show headers Download Go to Show image Full URL https://application-login.tlv.se/wa/img/tlv_logo_200px.png Requested by Host: application-login.tlv.se URL: https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 164.40.179.27 , Sweden, ASN8523 (BASEFARM-SE-ASN Basefarm AB. Stockholm - Sweden, SE), Reverse DNS tns-p-tlv-app-vip.sth.basefarm.net Software / Resource Hash `c473671107858b303e333c2aac21772495107a9d7237c4e1bcd4593f135ffb1a` Request headers Referer https://application-login.tlv.se/wa/auth?location=%2fwa%2fdesktop.html&authmech=OTP User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 28 Oct 2020 14:19:30 GMT Cache-control no-store Content-Length 4770 Content-Type image/png

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tlv.se/	1969-12-31 23:59:59	Name: UPD Value: 7
.tlv.se/	1969-12-31 23:59:59	Name: WAAK_HAG Value: ae432af897afc766a3eacfcb6ca75d7e
.tlv.se/	1969-12-31 23:59:59	Name: WASID_HAG Value: c52092d4cdee634d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

application-login.tlv.se
164.40.179.27
2f18d23208f750aca6e1af194e6824e647e8c5808c94dd81f9e4f0e66141e4b9
30ed15ce2bc1f76c4040f5c3a13a849b2b44d4e26d11886e215114484c74998b
c1f7c4be99e691ea0dcf0fc5134046d4e30d8b245fa0a644e0d9590b9b340c13
c473671107858b303e333c2aac21772495107a9d7237c4e1bcd4593f135ffb1a
c5ea6736ba8a46db4f70fc83e22cb78965cd6ad932989d68d89541138fb1fee9
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
fded6fc3a732f59edb20bf8ef59034f7d5503518eb7eb7c015a377233e955596

application-login.tlv.se Open in urlscan Pro 164.40.179.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

241 kBTransfer

240 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

3 Cookies

Indicators

application-login.tlv.se Open in urlscan Pro
164.40.179.27 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

241 kB
Transfer

240 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions