nbvcas.com Open in urlscan Pro
88.198.52.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mo22.biz/?cc=9e4208f4-cd73-4480-befa-944a40376a7e&sid=xles4o
Effective URL:
https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclic...
Submission: On February 28 via manual (February 28th 2021, 6:01:54 pm UTC) from NL

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 88.198.52.40, located in Kassel, Germany and belongs to HETZNER-AS, DE. The main domain is nbvcas.com.
TLS certificate: Issued by R3 on February 3rd 2021. Valid for: 3 months.

This is the only time nbvcas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	143.198.248.64 143.198.248.64	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	109.206.168.5 109.206.168.5	50245 (SERVEREL-AS) (SERVEREL-AS)
1 8	88.198.52.40 88.198.52.40	24940 (HETZNER-AS) (HETZNER-AS)
8	2

2 143.198.248.64 (Amsterdam, Netherlands) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

mo22.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.168.5 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.168.5.serverel.net

idelv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 88.198.52.40 (Kassel, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: d24370fff.fastvps-server.com

qwertyhuerty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nbvcas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	nbvcas.com nbvcas.com	259 KB
2	mo22.biz 2 redirects mo22.biz	2 KB
1	qwertyhuerty.com 1 redirects qwertyhuerty.com	443 B
1	idelv.net idelv.net	2 KB
8	4

	Domain	Requested by
7	nbvcas.com	idelv.net nbvcas.com
2	mo22.biz	2 redirects
1	qwertyhuerty.com	1 redirects
1	idelv.net
8	4

This site contains no links.

Subject Issuer	Validity	Valid
idelv.net R3	`2021-01-04` - `2021-04-04`	3 months	crt.sh
nbvcas.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982
Frame ID: 57B37D33242FA25278CC60B2F346D698
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mo22.biz/?cc=9e4208f4-cd73-4480-befa-944a40376a7e&sid=xles4o HTTP 301
https://mo22.biz/?cc=9e4208f4-cd73-4480-befa-944a40376a7e&sid=xles4o HTTP 302
https://idelv.net/b2/l/c/redir?eid=651&n=845948e529e51f2564a52997&nid=2&sid=YucmXRO1EmQDpZhMOQ... Page URL
https://qwertyhuerty.com/click.php?key=2l1r1nl0wufc1op1mvth&cost=0.07000000&source=35041510615329&cre... HTTP 302
https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qw... Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

260 kB
Transfer

261 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mo22.biz/?cc=9e4208f4-cd73-4480-befa-944a40376a7e&sid=xles4o HTTP 301
https://mo22.biz/?cc=9e4208f4-cd73-4480-befa-944a40376a7e&sid=xles4o HTTP 302
https://idelv.net/b2/l/c/redir?eid=651&n=845948e529e51f2564a52997&nid=2&sid=YucmXRO1EmQDpZhMOQjE4lrQocuh5V6SD7IQgR%2FcGDpTZ4PESLjssgb97Wen2sjyzuk0RW%2FZynV2McC651GqMgZ3mdvXxkhxJXriEZ5NAkL%2B30RcaTTSDGaVv3b1%2BgEPMMai6ULuxZvsE4M2GO9vQfgDi4lgWzqZixe10NxfTfl0DY81IOhDFVlxAQexJodoei%2BywR6wW6OIupblBumA%2F2nSFSnQdnLC2xkD2JSWp4PbfOHdE4myUscRXsu9h2kDPA8%2BuqcRHUWkpGlsEIoFdOGpqu2F31A2jAQVQ%2Fmrkopr5mPKMhQIqROcwOkysP03gJY1rZkdQMNpweGW9K6n7%2FmOjcmZd4yER3%2Fyq%2By0ZEj0wMTWqRZgiNCKwciIP2wUnpRT9mZDOrjVfulfKd8Xt4KzvWZ359HevPjQN7%2BHFDnReIG6ACwNP%2FRA97OCeG9ZEiiQ5Q8%2FsEbojRiJAcUob6d2kvD%2B6SddGU0%2BOLoto%2BjFdiLGRR63i%2F82df%2F4zsiu91r8NE1hgn0GG3OTaKqW8uHmBsEhq9D0%2F0hSgOspZFpLHZ9HZJQboM7ts2WtJnLXcdWVavlvKSM9OU6hbkrMxJjJcGABvNCTQrvukeVdzkZ%2FK1vH0eFCAVrnMMy2AXxOrnyufdAbngJjQKjG8Dxcd5evko5MgbUwTQ0yfnzZQjrR%2BfJaoX%2Fc9zblJvsDROV1N3C7pF3%2FLweeCoarfV7U%2Baq%2F1bDpfH0EUtSuDR%2FFwaoudX0jZE5jb5O7OF0ikjRepQX7YDtEof37rM%2FrsMvO8eWOLJKfUGwwBHINX5KU%2Fpej%2B89TYnD5kH0NKHcs5sMygdBctdhDLAnQO97J5k12c8vnLzvBaMQYqcz0PLd%2FzPZIzRrAbmA0cOhWkRKpxMqUuDYxFn4AE6Vp%2BfAN0HhrbeuXStfAsdyGUvDRCPt%2FURRZm5IFHi4L8PIn1v14EBiqZ2kVGAiVhfcfagsSV1FGs3gNwfY5HwfliLvm11l3UBvdWwH3N1JeGJ4n8rh5JuBzeMIuLxp1uoO5c%2BSfnUitzVvN%2FOwA9L4Y%2FLHfNB%2BrnzFHc4tNijcxQllp%2FgTCqdg5XaDS%2BPFdAnJt%2B%2FmG5GghO2ZKRRy%2Blgf%2BYiYGu%2F%2BhkBDD1Cg9dAvwZgieCn%2FZflbWCIjrheV7SJmPHjLb7lBSSYkRiXWCNV%2Fe2vjD16PWjSB%2FtEPVUr5ZcN%2FoUCC3yRNM%2B7oQuoTZ7F6m8UAC85aAbV1d%2BPxWJFHF%2BbuS7GAzmWnEyXozJquS0BKFdll0C2VM4Vfqt22WDaFaYXsADY%2Bhqg9gy8M7fQZfj05qXZwLP%2B3SaRm%2FniCKuq1SLxVJDeLHsbSh%2FvInDs%2FerdEENWy3F1%2BGtVRIV8x2DgYhn12sRXDTJwUmN%2F99QArXVaotkPswFpj4LAFBkjtCw9mdSvB4FYHN%2Fi54Uzq924ZDTf8FjkvJKUQW1adbmpPyOv5UiQiAsz1Q7AflMO9uRGa%2FQCeHZSQ%2F5MaLzZpB&ts=1614532471&ttl=345600&v=v3.3.6 Page URL
https://qwertyhuerty.com/click.php?key=2l1r1nl0wufc1op1mvth&cost=0.07000000&source=35041510615329&creative=15888&camp=6211 HTTP 302
https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://mo22.biz/?cc=9e4208f4-cd73-4480-befa-944a40376a7e&sid=xles4o HTTP 301
https://mo22.biz/?cc=9e4208f4-cd73-4480-befa-944a40376a7e&sid=xles4o HTTP 302
https://idelv.net/b2/l/c/redir?eid=651&n=845948e529e51f2564a52997&nid=2&sid=YucmXRO1EmQDpZhMOQjE4lrQocuh5V6SD7IQgR%2FcGDpTZ4PESLjssgb97Wen2sjyzuk0RW%2FZynV2McC651GqMgZ3mdvXxkhxJXriEZ5NAkL%2B30RcaTTSDGaVv3b1%2BgEPMMai6ULuxZvsE4M2GO9vQfgDi4lgWzqZixe10NxfTfl0DY81IOhDFVlxAQexJodoei%2BywR6wW6OIupblBumA%2F2nSFSnQdnLC2xkD2JSWp4PbfOHdE4myUscRXsu9h2kDPA8%2BuqcRHUWkpGlsEIoFdOGpqu2F31A2jAQVQ%2Fmrkopr5mPKMhQIqROcwOkysP03gJY1rZkdQMNpweGW9K6n7%2FmOjcmZd4yER3%2Fyq%2By0ZEj0wMTWqRZgiNCKwciIP2wUnpRT9mZDOrjVfulfKd8Xt4KzvWZ359HevPjQN7%2BHFDnReIG6ACwNP%2FRA97OCeG9ZEiiQ5Q8%2FsEbojRiJAcUob6d2kvD%2B6SddGU0%2BOLoto%2BjFdiLGRR63i%2F82df%2F4zsiu91r8NE1hgn0GG3OTaKqW8uHmBsEhq9D0%2F0hSgOspZFpLHZ9HZJQboM7ts2WtJnLXcdWVavlvKSM9OU6hbkrMxJjJcGABvNCTQrvukeVdzkZ%2FK1vH0eFCAVrnMMy2AXxOrnyufdAbngJjQKjG8Dxcd5evko5MgbUwTQ0yfnzZQjrR%2BfJaoX%2Fc9zblJvsDROV1N3C7pF3%2FLweeCoarfV7U%2Baq%2F1bDpfH0EUtSuDR%2FFwaoudX0jZE5jb5O7OF0ikjRepQX7YDtEof37rM%2FrsMvO8eWOLJKfUGwwBHINX5KU%2Fpej%2B89TYnD5kH0NKHcs5sMygdBctdhDLAnQO97J5k12c8vnLzvBaMQYqcz0PLd%2FzPZIzRrAbmA0cOhWkRKpxMqUuDYxFn4AE6Vp%2BfAN0HhrbeuXStfAsdyGUvDRCPt%2FURRZm5IFHi4L8PIn1v14EBiqZ2kVGAiVhfcfagsSV1FGs3gNwfY5HwfliLvm11l3UBvdWwH3N1JeGJ4n8rh5JuBzeMIuLxp1uoO5c%2BSfnUitzVvN%2FOwA9L4Y%2FLHfNB%2BrnzFHc4tNijcxQllp%2FgTCqdg5XaDS%2BPFdAnJt%2B%2FmG5GghO2ZKRRy%2Blgf%2BYiYGu%2F%2BhkBDD1Cg9dAvwZgieCn%2FZflbWCIjrheV7SJmPHjLb7lBSSYkRiXWCNV%2Fe2vjD16PWjSB%2FtEPVUr5ZcN%2FoUCC3yRNM%2B7oQuoTZ7F6m8UAC85aAbV1d%2BPxWJFHF%2BbuS7GAzmWnEyXozJquS0BKFdll0C2VM4Vfqt22WDaFaYXsADY%2Bhqg9gy8M7fQZfj05qXZwLP%2B3SaRm%2FniCKuq1SLxVJDeLHsbSh%2FvInDs%2FerdEENWy3F1%2BGtVRIV8x2DgYhn12sRXDTJwUmN%2F99QArXVaotkPswFpj4LAFBkjtCw9mdSvB4FYHN%2Fi54Uzq924ZDTf8FjkvJKUQW1adbmpPyOv5UiQiAsz1Q7AflMO9uRGa%2FQCeHZSQ%2F5MaLzZpB&ts=1614532471&ttl=345600&v=v3.3.6

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

redir Show response
idelv.net/b2/l/c/
Redirect Chain

http://mo22.biz/?cc=9e4208f4-cd73-4480-befa-944a40376a7e&sid=xles4o
https://mo22.biz/?cc=9e4208f4-cd73-4480-befa-944a40376a7e&sid=xles4o
https://idelv.net/b2/l/c/redir?eid=651&n=845948e529e51f2564a52997&nid=2&sid=YucmXRO1EmQDpZhMOQjE4lrQocuh5V6SD7IQgR%2FcGDpTZ4PESLjssgb97Wen2sjyzuk0RW%2FZynV2McC651GqMgZ3mdvXxkhxJXriEZ5NAkL%2B30RcaTT...

1 KB
2 KB

200ms
76ms

Document
text/html

109.206.168.5
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://idelv.net/b2/l/c/redir?eid=651&n=845948e529e51f2564a52997&nid=2&sid=YucmXRO1EmQDpZhMOQjE4lrQocuh5V6SD7IQgR%2FcGDpTZ4PESLjssgb97Wen2sjyzuk0RW%2FZynV2McC651GqMgZ3mdvXxkhxJXriEZ5NAkL%2B30RcaTTSDGaVv3b1%2BgEPMMai6ULuxZvsE4M2GO9vQfgDi4lgWzqZixe10NxfTfl0DY81IOhDFVlxAQexJodoei%2BywR6wW6OIupblBumA%2F2nSFSnQdnLC2xkD2JSWp4PbfOHdE4myUscRXsu9h2kDPA8%2BuqcRHUWkpGlsEIoFdOGpqu2F31A2jAQVQ%2Fmrkopr5mPKMhQIqROcwOkysP03gJY1rZkdQMNpweGW9K6n7%2FmOjcmZd4yER3%2Fyq%2By0ZEj0wMTWqRZgiNCKwciIP2wUnpRT9mZDOrjVfulfKd8Xt4KzvWZ359HevPjQN7%2BHFDnReIG6ACwNP%2FRA97OCeG9ZEiiQ5Q8%2FsEbojRiJAcUob6d2kvD%2B6SddGU0%2BOLoto%2BjFdiLGRR63i%2F82df%2F4zsiu91r8NE1hgn0GG3OTaKqW8uHmBsEhq9D0%2F0hSgOspZFpLHZ9HZJQboM7ts2WtJnLXcdWVavlvKSM9OU6hbkrMxJjJcGABvNCTQrvukeVdzkZ%2FK1vH0eFCAVrnMMy2AXxOrnyufdAbngJjQKjG8Dxcd5evko5MgbUwTQ0yfnzZQjrR%2BfJaoX%2Fc9zblJvsDROV1N3C7pF3%2FLweeCoarfV7U%2Baq%2F1bDpfH0EUtSuDR%2FFwaoudX0jZE5jb5O7OF0ikjRepQX7YDtEof37rM%2FrsMvO8eWOLJKfUGwwBHINX5KU%2Fpej%2B89TYnD5kH0NKHcs5sMygdBctdhDLAnQO97J5k12c8vnLzvBaMQYqcz0PLd%2FzPZIzRrAbmA0cOhWkRKpxMqUuDYxFn4AE6Vp%2BfAN0HhrbeuXStfAsdyGUvDRCPt%2FURRZm5IFHi4L8PIn1v14EBiqZ2kVGAiVhfcfagsSV1FGs3gNwfY5HwfliLvm11l3UBvdWwH3N1JeGJ4n8rh5JuBzeMIuLxp1uoO5c%2BSfnUitzVvN%2FOwA9L4Y%2FLHfNB%2BrnzFHc4tNijcxQllp%2FgTCqdg5XaDS%2BPFdAnJt%2B%2FmG5GghO2ZKRRy%2Blgf%2BYiYGu%2F%2BhkBDD1Cg9dAvwZgieCn%2FZflbWCIjrheV7SJmPHjLb7lBSSYkRiXWCNV%2Fe2vjD16PWjSB%2FtEPVUr5ZcN%2FoUCC3yRNM%2B7oQuoTZ7F6m8UAC85aAbV1d%2BPxWJFHF%2BbuS7GAzmWnEyXozJquS0BKFdll0C2VM4Vfqt22WDaFaYXsADY%2Bhqg9gy8M7fQZfj05qXZwLP%2B3SaRm%2FniCKuq1SLxVJDeLHsbSh%2FvInDs%2FerdEENWy3F1%2BGtVRIV8x2DgYhn12sRXDTJwUmN%2F99QArXVaotkPswFpj4LAFBkjtCw9mdSvB4FYHN%2Fi54Uzq924ZDTf8FjkvJKUQW1adbmpPyOv5UiQiAsz1Q7AflMO9uRGa%2FQCeHZSQ%2F5MaLzZpB&ts=1614532471&ttl=345600&v=v3.3.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.168.5 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.168.5.serverel.net
Software: dspclick-v3.1.3 /
Resource Hash: bd9296bdbb12f48f5e44a9c0daf7732f84d6a3a7a627bf314af64ddb60f2cd7c

Request headers

:method: GET
:authority: idelv.net
:scheme: https
:path: /b2/l/c/redir?eid=651&n=845948e529e51f2564a52997&nid=2&sid=YucmXRO1EmQDpZhMOQjE4lrQocuh5V6SD7IQgR%2FcGDpTZ4PESLjssgb97Wen2sjyzuk0RW%2FZynV2McC651GqMgZ3mdvXxkhxJXriEZ5NAkL%2B30RcaTTSDGaVv3b1%2BgEPMMai6ULuxZvsE4M2GO9vQfgDi4lgWzqZixe10NxfTfl0DY81IOhDFVlxAQexJodoei%2BywR6wW6OIupblBumA%2F2nSFSnQdnLC2xkD2JSWp4PbfOHdE4myUscRXsu9h2kDPA8%2BuqcRHUWkpGlsEIoFdOGpqu2F31A2jAQVQ%2Fmrkopr5mPKMhQIqROcwOkysP03gJY1rZkdQMNpweGW9K6n7%2FmOjcmZd4yER3%2Fyq%2By0ZEj0wMTWqRZgiNCKwciIP2wUnpRT9mZDOrjVfulfKd8Xt4KzvWZ359HevPjQN7%2BHFDnReIG6ACwNP%2FRA97OCeG9ZEiiQ5Q8%2FsEbojRiJAcUob6d2kvD%2B6SddGU0%2BOLoto%2BjFdiLGRR63i%2F82df%2F4zsiu91r8NE1hgn0GG3OTaKqW8uHmBsEhq9D0%2F0hSgOspZFpLHZ9HZJQboM7ts2WtJnLXcdWVavlvKSM9OU6hbkrMxJjJcGABvNCTQrvukeVdzkZ%2FK1vH0eFCAVrnMMy2AXxOrnyufdAbngJjQKjG8Dxcd5evko5MgbUwTQ0yfnzZQjrR%2BfJaoX%2Fc9zblJvsDROV1N3C7pF3%2FLweeCoarfV7U%2Baq%2F1bDpfH0EUtSuDR%2FFwaoudX0jZE5jb5O7OF0ikjRepQX7YDtEof37rM%2FrsMvO8eWOLJKfUGwwBHINX5KU%2Fpej%2B89TYnD5kH0NKHcs5sMygdBctdhDLAnQO97J5k12c8vnLzvBaMQYqcz0PLd%2FzPZIzRrAbmA0cOhWkRKpxMqUuDYxFn4AE6Vp%2BfAN0HhrbeuXStfAsdyGUvDRCPt%2FURRZm5IFHi4L8PIn1v14EBiqZ2kVGAiVhfcfagsSV1FGs3gNwfY5HwfliLvm11l3UBvdWwH3N1JeGJ4n8rh5JuBzeMIuLxp1uoO5c%2BSfnUitzVvN%2FOwA9L4Y%2FLHfNB%2BrnzFHc4tNijcxQllp%2FgTCqdg5XaDS%2BPFdAnJt%2B%2FmG5GghO2ZKRRy%2Blgf%2BYiYGu%2F%2BhkBDD1Cg9dAvwZgieCn%2FZflbWCIjrheV7SJmPHjLb7lBSSYkRiXWCNV%2Fe2vjD16PWjSB%2FtEPVUr5ZcN%2FoUCC3yRNM%2B7oQuoTZ7F6m8UAC85aAbV1d%2BPxWJFHF%2BbuS7GAzmWnEyXozJquS0BKFdll0C2VM4Vfqt22WDaFaYXsADY%2Bhqg9gy8M7fQZfj05qXZwLP%2B3SaRm%2FniCKuq1SLxVJDeLHsbSh%2FvInDs%2FerdEENWy3F1%2BGtVRIV8x2DgYhn12sRXDTJwUmN%2F99QArXVaotkPswFpj4LAFBkjtCw9mdSvB4FYHN%2Fi54Uzq924ZDTf8FjkvJKUQW1adbmpPyOv5UiQiAsz1Q7AflMO9uRGa%2FQCeHZSQ%2F5MaLzZpB&ts=1614532471&ttl=345600&v=v3.3.6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: dspclick-v3.1.3
date: Sun, 28 Feb 2021 18:01:37 GMT
content-type: text/html
content-length: 1426
set-cookie: adcsid-c-3385121929YYYMsyXZ=1; expires=Mon, 01 Mar 2021 18:01:38 GMT; path=/

Redirect headers

server: nginx
date: Sun, 28 Feb 2021 18:01:38 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=0c133681-7b12-496d-9dcb-9da818c72da1; expires=Tue, 30-Mar-2021 18:01:38 GMT; Max-Age=2592000; path=/; domain=mo22.biz hash=9e4208f4-cd73-4480-befa-944a40376a7e%2Bxles4o; expires=Tue, 30-Mar-2021 18:01:38 GMT; Max-Age=2592000; path=/; domain=mo22.biz
location: https://idelv.net/b2/l/c/redir?eid=651&n=845948e529e51f2564a52997&nid=2&sid=YucmXRO1EmQDpZhMOQjE4lrQocuh5V6SD7IQgR%2FcGDpTZ4PESLjssgb97Wen2sjyzuk0RW%2FZynV2McC651GqMgZ3mdvXxkhxJXriEZ5NAkL%2B30RcaTTSDGaVv3b1%2BgEPMMai6ULuxZvsE4M2GO9vQfgDi4lgWzqZixe10NxfTfl0DY81IOhDFVlxAQexJodoei%2BywR6wW6OIupblBumA%2F2nSFSnQdnLC2xkD2JSWp4PbfOHdE4myUscRXsu9h2kDPA8%2BuqcRHUWkpGlsEIoFdOGpqu2F31A2jAQVQ%2Fmrkopr5mPKMhQIqROcwOkysP03gJY1rZkdQMNpweGW9K6n7%2FmOjcmZd4yER3%2Fyq%2By0ZEj0wMTWqRZgiNCKwciIP2wUnpRT9mZDOrjVfulfKd8Xt4KzvWZ359HevPjQN7%2BHFDnReIG6ACwNP%2FRA97OCeG9ZEiiQ5Q8%2FsEbojRiJAcUob6d2kvD%2B6SddGU0%2BOLoto%2BjFdiLGRR63i%2F82df%2F4zsiu91r8NE1hgn0GG3OTaKqW8uHmBsEhq9D0%2F0hSgOspZFpLHZ9HZJQboM7ts2WtJnLXcdWVavlvKSM9OU6hbkrMxJjJcGABvNCTQrvukeVdzkZ%2FK1vH0eFCAVrnMMy2AXxOrnyufdAbngJjQKjG8Dxcd5evko5MgbUwTQ0yfnzZQjrR%2BfJaoX%2Fc9zblJvsDROV1N3C7pF3%2FLweeCoarfV7U%2Baq%2F1bDpfH0EUtSuDR%2FFwaoudX0jZE5jb5O7OF0ikjRepQX7YDtEof37rM%2FrsMvO8eWOLJKfUGwwBHINX5KU%2Fpej%2B89TYnD5kH0NKHcs5sMygdBctdhDLAnQO97J5k12c8vnLzvBaMQYqcz0PLd%2FzPZIzRrAbmA0cOhWkRKpxMqUuDYxFn4AE6Vp%2BfAN0HhrbeuXStfAsdyGUvDRCPt%2FURRZm5IFHi4L8PIn1v14EBiqZ2kVGAiVhfcfagsSV1FGs3gNwfY5HwfliLvm11l3UBvdWwH3N1JeGJ4n8rh5JuBzeMIuLxp1uoO5c%2BSfnUitzVvN%2FOwA9L4Y%2FLHfNB%2BrnzFHc4tNijcxQllp%2FgTCqdg5XaDS%2BPFdAnJt%2B%2FmG5GghO2ZKRRy%2Blgf%2BYiYGu%2F%2BhkBDD1Cg9dAvwZgieCn%2FZflbWCIjrheV7SJmPHjLb7lBSSYkRiXWCNV%2Fe2vjD16PWjSB%2FtEPVUr5ZcN%2FoUCC3yRNM%2B7oQuoTZ7F6m8UAC85aAbV1d%2BPxWJFHF%2BbuS7GAzmWnEyXozJquS0BKFdll0C2VM4Vfqt22WDaFaYXsADY%2Bhqg9gy8M7fQZfj05qXZwLP%2B3SaRm%2FniCKuq1SLxVJDeLHsbSh%2FvInDs%2FerdEENWy3F1%2BGtVRIV8x2DgYhn12sRXDTJwUmN%2F99QArXVaotkPswFpj4LAFBkjtCw9mdSvB4FYHN%2Fi54Uzq924ZDTf8FjkvJKUQW1adbmpPyOv5UiQiAsz1Q7AflMO9uRGa%2FQCeHZSQ%2F5MaLzZpB&ts=1614532471&ttl=345600&v=v3.3.6
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests

GET
H2

200

Primary Request index.html Show response
nbvcas.com/landers/antivirus/1/
Redirect Chain

https://qwertyhuerty.com/click.php?key=2l1r1nl0wufc1op1mvth&cost=0.07000000&source=35041510615329&creative=15888&camp=6211
https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982

4 KB
2 KB

96ms
27ms

Document
text/html

88.198.52.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982

Requested by

Host: idelv.net
URL: https://idelv.net/b2/l/c/redir?eid=651&n=845948e529e51f2564a52997&nid=2&sid=YucmXRO1EmQDpZhMOQjE4lrQocuh5V6SD7IQgR%2FcGDpTZ4PESLjssgb97Wen2sjyzuk0RW%2FZynV2McC651GqMgZ3mdvXxkhxJXriEZ5NAkL%2B30RcaTTSDGaVv3b1%2BgEPMMai6ULuxZvsE4M2GO9vQfgDi4lgWzqZixe10NxfTfl0DY81IOhDFVlxAQexJodoei%2BywR6wW6OIupblBumA%2F2nSFSnQdnLC2xkD2JSWp4PbfOHdE4myUscRXsu9h2kDPA8%2BuqcRHUWkpGlsEIoFdOGpqu2F31A2jAQVQ%2Fmrkopr5mPKMhQIqROcwOkysP03gJY1rZkdQMNpweGW9K6n7%2FmOjcmZd4yER3%2Fyq%2By0ZEj0wMTWqRZgiNCKwciIP2wUnpRT9mZDOrjVfulfKd8Xt4KzvWZ359HevPjQN7%2BHFDnReIG6ACwNP%2FRA97OCeG9ZEiiQ5Q8%2FsEbojRiJAcUob6d2kvD%2B6SddGU0%2BOLoto%2BjFdiLGRR63i%2F82df%2F4zsiu91r8NE1hgn0GG3OTaKqW8uHmBsEhq9D0%2F0hSgOspZFpLHZ9HZJQboM7ts2WtJnLXcdWVavlvKSM9OU6hbkrMxJjJcGABvNCTQrvukeVdzkZ%2FK1vH0eFCAVrnMMy2AXxOrnyufdAbngJjQKjG8Dxcd5evko5MgbUwTQ0yfnzZQjrR%2BfJaoX%2Fc9zblJvsDROV1N3C7pF3%2FLweeCoarfV7U%2Baq%2F1bDpfH0EUtSuDR%2FFwaoudX0jZE5jb5O7OF0ikjRepQX7YDtEof37rM%2FrsMvO8eWOLJKfUGwwBHINX5KU%2Fpej%2B89TYnD5kH0NKHcs5sMygdBctdhDLAnQO97J5k12c8vnLzvBaMQYqcz0PLd%2FzPZIzRrAbmA0cOhWkRKpxMqUuDYxFn4AE6Vp%2BfAN0HhrbeuXStfAsdyGUvDRCPt%2FURRZm5IFHi4L8PIn1v14EBiqZ2kVGAiVhfcfagsSV1FGs3gNwfY5HwfliLvm11l3UBvdWwH3N1JeGJ4n8rh5JuBzeMIuLxp1uoO5c%2BSfnUitzVvN%2FOwA9L4Y%2FLHfNB%2BrnzFHc4tNijcxQllp%2FgTCqdg5XaDS%2BPFdAnJt%2B%2FmG5GghO2ZKRRy%2Blgf%2BYiYGu%2F%2BhkBDD1Cg9dAvwZgieCn%2FZflbWCIjrheV7SJmPHjLb7lBSSYkRiXWCNV%2Fe2vjD16PWjSB%2FtEPVUr5ZcN%2FoUCC3yRNM%2B7oQuoTZ7F6m8UAC85aAbV1d%2BPxWJFHF%2BbuS7GAzmWnEyXozJquS0BKFdll0C2VM4Vfqt22WDaFaYXsADY%2Bhqg9gy8M7fQZfj05qXZwLP%2B3SaRm%2FniCKuq1SLxVJDeLHsbSh%2FvInDs%2FerdEENWy3F1%2BGtVRIV8x2DgYhn12sRXDTJwUmN%2F99QArXVaotkPswFpj4LAFBkjtCw9mdSvB4FYHN%2Fi54Uzq924ZDTf8FjkvJKUQW1adbmpPyOv5UiQiAsz1Q7AflMO9uRGa%2FQCeHZSQ%2F5MaLzZpB&ts=1614532471&ttl=345600&v=v3.3.6

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

d24370fff.fastvps-server.com

Software

nginx/1.18.0 /

Resource Hash

4ab2ff9f2870fa06707b0e0eb4b03fda1b863b491123f9c83188b858c7b39315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: nbvcas.com
:scheme: https
:path: /landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://idelv.net/b2/l/c/redir?eid=651&n=845948e529e51f2564a52997&nid=2&sid=YucmXRO1EmQDpZhMOQjE4lrQocuh5V6SD7IQgR%2FcGDpTZ4PESLjssgb97Wen2sjyzuk0RW%2FZynV2McC651GqMgZ3mdvXxkhxJXriEZ5NAkL%2B30RcaTTSDGaVv3b1%2BgEPMMai6ULuxZvsE4M2GO9vQfgDi4lgWzqZixe10NxfTfl0DY81IOhDFVlxAQexJodoei%2BywR6wW6OIupblBumA%2F2nSFSnQdnLC2xkD2JSWp4PbfOHdE4myUscRXsu9h2kDPA8%2BuqcRHUWkpGlsEIoFdOGpqu2F31A2jAQVQ%2Fmrkopr5mPKMhQIqROcwOkysP03gJY1rZkdQMNpweGW9K6n7%2FmOjcmZd4yER3%2Fyq%2By0ZEj0wMTWqRZgiNCKwciIP2wUnpRT9mZDOrjVfulfKd8Xt4KzvWZ359HevPjQN7%2BHFDnReIG6ACwNP%2FRA97OCeG9ZEiiQ5Q8%2FsEbojRiJAcUob6d2kvD%2B6SddGU0%2BOLoto%2BjFdiLGRR63i%2F82df%2F4zsiu91r8NE1hgn0GG3OTaKqW8uHmBsEhq9D0%2F0hSgOspZFpLHZ9HZJQboM7ts2WtJnLXcdWVavlvKSM9OU6hbkrMxJjJcGABvNCTQrvukeVdzkZ%2FK1vH0eFCAVrnMMy2AXxOrnyufdAbngJjQKjG8Dxcd5evko5MgbUwTQ0yfnzZQjrR%2BfJaoX%2Fc9zblJvsDROV1N3C7pF3%2FLweeCoarfV7U%2Baq%2F1bDpfH0EUtSuDR%2FFwaoudX0jZE5jb5O7OF0ikjRepQX7YDtEof37rM%2FrsMvO8eWOLJKfUGwwBHINX5KU%2Fpej%2B89TYnD5kH0NKHcs5sMygdBctdhDLAnQO97J5k12c8vnLzvBaMQYqcz0PLd%2FzPZIzRrAbmA0cOhWkRKpxMqUuDYxFn4AE6Vp%2BfAN0HhrbeuXStfAsdyGUvDRCPt%2FURRZm5IFHi4L8PIn1v14EBiqZ2kVGAiVhfcfagsSV1FGs3gNwfY5HwfliLvm11l3UBvdWwH3N1JeGJ4n8rh5JuBzeMIuLxp1uoO5c%2BSfnUitzVvN%2FOwA9L4Y%2FLHfNB%2BrnzFHc4tNijcxQllp%2FgTCqdg5XaDS%2BPFdAnJt%2B%2FmG5GghO2ZKRRy%2Blgf%2BYiYGu%2F%2BhkBDD1Cg9dAvwZgieCn%2FZflbWCIjrheV7SJmPHjLb7lBSSYkRiXWCNV%2Fe2vjD16PWjSB%2FtEPVUr5ZcN%2FoUCC3yRNM%2B7oQuoTZ7F6m8UAC85aAbV1d%2BPxWJFHF%2BbuS7GAzmWnEyXozJquS0BKFdll0C2VM4Vfqt22WDaFaYXsADY%2Bhqg9gy8M7fQZfj05qXZwLP%2B3SaRm%2FniCKuq1SLxVJDeLHsbSh%2FvInDs%2FerdEENWy3F1%2BGtVRIV8x2DgYhn12sRXDTJwUmN%2F99QArXVaotkPswFpj4LAFBkjtCw9mdSvB4FYHN%2Fi54Uzq924ZDTf8FjkvJKUQW1adbmpPyOv5UiQiAsz1Q7AflMO9uRGa%2FQCeHZSQ%2F5MaLzZpB&ts=1614532471&ttl=345600&v=v3.3.6
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://idelv.net/b2/l/c/redir?eid=651&n=845948e529e51f2564a52997&nid=2&sid=YucmXRO1EmQDpZhMOQjE4lrQocuh5V6SD7IQgR%2FcGDpTZ4PESLjssgb97Wen2sjyzuk0RW%2FZynV2McC651GqMgZ3mdvXxkhxJXriEZ5NAkL%2B30RcaTTSDGaVv3b1%2BgEPMMai6ULuxZvsE4M2GO9vQfgDi4lgWzqZixe10NxfTfl0DY81IOhDFVlxAQexJodoei%2BywR6wW6OIupblBumA%2F2nSFSnQdnLC2xkD2JSWp4PbfOHdE4myUscRXsu9h2kDPA8%2BuqcRHUWkpGlsEIoFdOGpqu2F31A2jAQVQ%2Fmrkopr5mPKMhQIqROcwOkysP03gJY1rZkdQMNpweGW9K6n7%2FmOjcmZd4yER3%2Fyq%2By0ZEj0wMTWqRZgiNCKwciIP2wUnpRT9mZDOrjVfulfKd8Xt4KzvWZ359HevPjQN7%2BHFDnReIG6ACwNP%2FRA97OCeG9ZEiiQ5Q8%2FsEbojRiJAcUob6d2kvD%2B6SddGU0%2BOLoto%2BjFdiLGRR63i%2F82df%2F4zsiu91r8NE1hgn0GG3OTaKqW8uHmBsEhq9D0%2F0hSgOspZFpLHZ9HZJQboM7ts2WtJnLXcdWVavlvKSM9OU6hbkrMxJjJcGABvNCTQrvukeVdzkZ%2FK1vH0eFCAVrnMMy2AXxOrnyufdAbngJjQKjG8Dxcd5evko5MgbUwTQ0yfnzZQjrR%2BfJaoX%2Fc9zblJvsDROV1N3C7pF3%2FLweeCoarfV7U%2Baq%2F1bDpfH0EUtSuDR%2FFwaoudX0jZE5jb5O7OF0ikjRepQX7YDtEof37rM%2FrsMvO8eWOLJKfUGwwBHINX5KU%2Fpej%2B89TYnD5kH0NKHcs5sMygdBctdhDLAnQO97J5k12c8vnLzvBaMQYqcz0PLd%2FzPZIzRrAbmA0cOhWkRKpxMqUuDYxFn4AE6Vp%2BfAN0HhrbeuXStfAsdyGUvDRCPt%2FURRZm5IFHi4L8PIn1v14EBiqZ2kVGAiVhfcfagsSV1FGs3gNwfY5HwfliLvm11l3UBvdWwH3N1JeGJ4n8rh5JuBzeMIuLxp1uoO5c%2BSfnUitzVvN%2FOwA9L4Y%2FLHfNB%2BrnzFHc4tNijcxQllp%2FgTCqdg5XaDS%2BPFdAnJt%2B%2FmG5GghO2ZKRRy%2Blgf%2BYiYGu%2F%2BhkBDD1Cg9dAvwZgieCn%2FZflbWCIjrheV7SJmPHjLb7lBSSYkRiXWCNV%2Fe2vjD16PWjSB%2FtEPVUr5ZcN%2FoUCC3yRNM%2B7oQuoTZ7F6m8UAC85aAbV1d%2BPxWJFHF%2BbuS7GAzmWnEyXozJquS0BKFdll0C2VM4Vfqt22WDaFaYXsADY%2Bhqg9gy8M7fQZfj05qXZwLP%2B3SaRm%2FniCKuq1SLxVJDeLHsbSh%2FvInDs%2FerdEENWy3F1%2BGtVRIV8x2DgYhn12sRXDTJwUmN%2F99QArXVaotkPswFpj4LAFBkjtCw9mdSvB4FYHN%2Fi54Uzq924ZDTf8FjkvJKUQW1adbmpPyOv5UiQiAsz1Q7AflMO9uRGa%2FQCeHZSQ%2F5MaLzZpB&ts=1614532471&ttl=345600&v=v3.3.6

Response headers

server: nginx/1.18.0
date: Sun, 28 Feb 2021 18:01:38 GMT
content-type: text/html
last-modified: Thu, 26 Nov 2020 15:01:12 GMT
etag: W/"5fbfc338-1168"
strict-transport-security: max-age=31536000
content-encoding: gzip

Redirect headers

server: nginx/1.18.0
date: Sun, 28 Feb 2021 18:01:38 GMT
content-type: text/html; charset=UTF-8
location: https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982
set-cookie: uclick=yduouswj; expires=Mon, 01-Mar-2021 18:01:38 GMT; Max-Age=86400; path=/; secure; SameSite=none uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982; expires=Mon, 01-Mar-2021 18:01:38 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000

GET
H2 200 css_land1.css
nbvcas.com/landers/antivirus/1/files/ 6 KB
6 KB 31ms
30ms Stylesheet
text/css 88.198.52.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://nbvcas.com/landers/antivirus/1/files/css_land1.css

Requested by

Host: nbvcas.com
URL: https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

d24370fff.fastvps-server.com

Software

nginx/1.18.0 /

Resource Hash

2339c1879c2976708dbd486566affece53ced60b847a7437b1aef82b7aeee97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 18:01:38 GMT
last-modified: Thu, 26 Nov 2020 15:01:26 GMT
server: nginx/1.18.0
etag: "5fbfc346-17a0"
strict-transport-security: max-age=31536000
content-type: text/css
accept-ranges: bytes
content-length: 6048

GET
H2 200 bootstrap.css
nbvcas.com/landers/antivirus/1/files/ 141 KB
142 KB 46ms
45ms Stylesheet
text/css 88.198.52.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://nbvcas.com/landers/antivirus/1/files/bootstrap.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

d24370fff.fastvps-server.com

Software

nginx/1.18.0 /

Resource Hash

f9f1ce2a9079ebe7445ff10ac12b8f049abc43c499f4978297ec5dd23283a2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 18:01:38 GMT
last-modified: Thu, 26 Nov 2020 15:01:27 GMT
server: nginx/1.18.0
etag: "5fbfc347-235c0"
strict-transport-security: max-age=31536000
content-type: text/css
accept-ranges: bytes
content-length: 144832

GET
H2 200 font-awesome.css
nbvcas.com/landers/antivirus/1/files/ 27 KB
27 KB 60ms
60ms Stylesheet
text/css 88.198.52.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://nbvcas.com/landers/antivirus/1/files/font-awesome.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

d24370fff.fastvps-server.com

Software

nginx/1.18.0 /

Resource Hash

c91328144122a2b3196a7aa5379fc26e2be6015342f9fd1b40d63763b01c198a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 18:01:38 GMT
last-modified: Thu, 26 Nov 2020 15:01:27 GMT
server: nginx/1.18.0
etag: "5fbfc347-6acc"
strict-transport-security: max-age=31536000
content-type: text/css
accept-ranges: bytes
content-length: 27340

GET
H2 200 headerlogo.png
nbvcas.com/landers/antivirus/1/files/ 19 KB
19 KB 30ms
30ms Image
image/png 88.198.52.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbvcas.com/landers/antivirus/1/files/headerlogo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

d24370fff.fastvps-server.com

Software

nginx/1.18.0 /

Resource Hash

df711b9f04a047ebf38ee2df5456d64f425e1e76438d2542cafe0db53a324358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 18:01:38 GMT
last-modified: Thu, 26 Nov 2020 15:01:27 GMT
server: nginx/1.18.0
etag: "5fbfc347-4cf3"
strict-transport-security: max-age=31536000
content-type: image/png
accept-ranges: bytes
content-length: 19699

GET
H2 200 hd.png
nbvcas.com/landers/antivirus/1/files/ 57 KB
57 KB 29ms
29ms Image
image/png 88.198.52.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbvcas.com/landers/antivirus/1/files/hd.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

d24370fff.fastvps-server.com

Software

nginx/1.18.0 /

Resource Hash

829b3d94556673c71f759f4e157e4e149779185b4540cc331bdc3ce888710f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nbvcas.com/landers/antivirus/1/index.html?lang=en-US&clickid=796bbyduouswja04&domain=qwertyhuerty.com&uclick=yduouswj&uclickhash=yduouswj-yduouswj-2t2t-h9fy-pmrn-scsy-1mxi-2f6982
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 18:01:38 GMT
last-modified: Thu, 26 Nov 2020 15:01:27 GMT
server: nginx/1.18.0
etag: "5fbfc347-e21c"
strict-transport-security: max-age=31536000
content-type: image/png
accept-ranges: bytes
content-length: 57884

GET
H2 200 css_land1.css
nbvcas.com/landers/antivirus/1/files/ 6 KB
6 KB 31ms
30ms Image
text/css 88.198.52.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbvcas.com/landers/antivirus/1/files/css_land1.css

Requested by

Host: nbvcas.com
URL: https://nbvcas.com/landers/antivirus/1/files/css_land1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

d24370fff.fastvps-server.com

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nbvcas.com/landers/antivirus/1/files/css_land1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 18:01:38 GMT
last-modified: Thu, 26 Nov 2020 15:01:26 GMT
server: nginx/1.18.0
etag: "5fbfc346-17a0"
strict-transport-security: max-age=31536000
content-type: text/css
accept-ranges: bytes
content-length: 6048

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

idelv.net
mo22.biz
nbvcas.com
qwertyhuerty.com
109.206.168.5
143.198.248.64
88.198.52.40
2339c1879c2976708dbd486566affece53ced60b847a7437b1aef82b7aeee97f
4ab2ff9f2870fa06707b0e0eb4b03fda1b863b491123f9c83188b858c7b39315
829b3d94556673c71f759f4e157e4e149779185b4540cc331bdc3ce888710f61
bd9296bdbb12f48f5e44a9c0daf7732f84d6a3a7a627bf314af64ddb60f2cd7c
c91328144122a2b3196a7aa5379fc26e2be6015342f9fd1b40d63763b01c198a
df711b9f04a047ebf38ee2df5456d64f425e1e76438d2542cafe0db53a324358
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9f1ce2a9079ebe7445ff10ac12b8f049abc43c499f4978297ec5dd23283a2e5

nbvcas.com Open in urlscan Pro 88.198.52.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

2 IPs

2 Countries

260 kBTransfer

261 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Indicators

nbvcas.com Open in urlscan Pro
88.198.52.40 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

260 kB
Transfer

261 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions