nvbvnco.com (172.67.221.43): Malicious Activity!
Public Scan
Effective URL: https://nvbvnco.com/Q88P1D4YSMITKRBDQPV2P8W509/login
Submission: On June 26 via api from US, scanned from DE
Summary
TLS certificate: Issued by E5 (Let's Encrypt intermediate) on June 21st 2024. Valid for: 3 months.
This is the only time nvbvnco.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 29 (2 redirects) | 172.67.221.43 | 13335 (CLOUDFLARENET) |
| 1 | 2a04:4e42::649 | 54113 (FASTLY) |
| 1 | 172.67.70.233 | 13335 (CLOUDFLARENET) |

29 requests to 3 IP addresses.

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 29 (2 redirects) | nvbvnco.com | nvbvnco.com | 292 KB |
| 1 | geojs.io | get.geojs.io (Cisco Umbrella Rank: 17918) | 844 B |
| 1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 816) | 30 KB |

29 requests to 3 apex domains.

| Requests | Domain | Requested by |
|---|---|---|
| 29 (2 redirects) | nvbvnco.com | nvbvnco.com, code.jquery.com |
| 1 | get.geojs.io | nvbvnco.com |
| 1 | code.jquery.com | nvbvnco.com |

29 requests to 3 domains.
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| nvbvnco.com | E5 (Let's Encrypt) | 2024-06-21 - 2024-09-19 | 3 months | crt.sh |
| *.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year | crt.sh |
| geojs.io | E1 (Let's Encrypt) | 2024-05-09 - 2024-08-07 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page: https://nvbvnco.com/Q88P1D4YSMITKRBDQPV2P8W509/login
Frame ID: 97904CDB104152AF41DF8C892192856B
Requests: 29 HTTP requests in this frame
Screenshot
![](/screenshots/753752c6-60d7-4556-8db8-fb308f1be8da.png)
Page Title: (empty)
Detected technologies
- jQuery. Detected patterns: jquery[.-]([\d.]*\d)[^/]*\.js and jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
- jQuery UI. Detected patterns: jquery-ui[.-]([\d.]*\d)[^/]*\.js and jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. https://nvbvnco.com/FDCV1V2PF5OAV8VBHMPGH4CN0I/login (HTTP 302) -> https://nvbvnco.com/ (Page URL)
2. https://nvbvnco.com/cdn-cgi/phish-bypass?atok=LeNgWm43POM9AWysY0VkoD6F72.70e6bA_gbimyp9Ro-1719425474-0.0.1.1-%2F (HTTP 301) -> https://nvbvnco.com/ (Page URL)
3. https://nvbvnco.com/Q88P1D4YSMITKRBDQPV2P8W509/login (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- https://nvbvnco.com/FDCV1V2PF5OAV8VBHMPGH4CN0I/login (HTTP 302)
- https://nvbvnco.com/
- https://nvbvnco.com/cdn-cgi/phish-bypass?atok=LeNgWm43POM9AWysY0VkoD6F72.70e6bA_gbimyp9Ro-1719425474-0.0.1.1-%2F (HTTP 301)
- https://nvbvnco.com/
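The chain above records Cloudflare's phishing-warning interstitial being dismissed: the first load of nvbvnco.com/ is answered with the warning page (the cf.errors.css and icon-exclamation.png requests under /cdn-cgi/ in the transaction list are its assets), the scanner follows the /cdn-cgi/phish-bypass hop, and the __cf_mw_byp cookie in the Cookies section carries the same token as the atok parameter. That interstitial is the likely reason the brand match reads "Generic Cloudflare" rather than the bank whose fonts the page loads. The Python below is an added example, not code from urlscan.io or from this page: it takes the URL history and cookie values copied from this scan, finds the bypass hops, splits the token on the layout visible in this one sample (opaque signature, ten-digit unix time, version, path; an assumption, not Cloudflare documentation), and reads the 24-hex visitor cookie as a MongoDB-style ObjectId whose first four bytes are a unix time (also an assumption based only on its shape), so the two timestamps can be compared.

```python
"""Pull the Cloudflare phishing-interstitial artefacts out of a urlscan result.

URL_HISTORY and COOKIES are copied from the scan above.  Two things are
assumptions rather than documented facts: the field layout of the atok /
__cf_mw_byp value (inferred from this single sample) and the reading of the
`visitor` cookie as a MongoDB-style ObjectId (based only on its 24-hex shape).
"""
import json
import re
from datetime import datetime, timezone
from urllib.parse import parse_qs, unquote, urlsplit

# (url, http status, redirect target) per hop; the final page has no redirect.
URL_HISTORY = [
    ("https://nvbvnco.com/FDCV1V2PF5OAV8VBHMPGH4CN0I/login", 302, "https://nvbvnco.com/"),
    ("https://nvbvnco.com/cdn-cgi/phish-bypass?atok="
     "LeNgWm43POM9AWysY0VkoD6F72.70e6bA_gbimyp9Ro-1719425474-0.0.1.1-%2F", 301, "https://nvbvnco.com/"),
    ("https://nvbvnco.com/Q88P1D4YSMITKRBDQPV2P8W509/login", None, None),
]

COOKIES = {
    "__cf_mw_byp": "LeNgWm43POM9AWysY0VkoD6F72.70e6bA_gbimyp9Ro-1719425474-0.0.1.1-/",
    "csrf-token": "905W8P2VPQDBRKTIMSY4D1P88Q",
    "visitor": "667c59c78df893b4c9df8537",
    "userId": "GS8X3HS4L1KQF",
}

CF_BYPASS_PATH = "/cdn-cgi/phish-bypass"
# Assumed layout: <opaque signature>-<10-digit unix time>-<version>-<path>
ATOK_RE = re.compile(r"^(?P<sig>.+)-(?P<ts>\d{10})-(?P<ver>[\d.]+)-(?P<path>.*)$")


def to_utc(ts):
    return datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


def cf_bypass_hops(history):
    """Hops that went through Cloudflare's phishing-warning bypass endpoint."""
    return [hop for hop in history if urlsplit(hop[0]).path == CF_BYPASS_PATH]


def parse_atok(value):
    """Split an atok / __cf_mw_byp value into its parts, or None if it does not fit."""
    m = ATOK_RE.match(unquote(value))
    if not m:
        return None
    ts = int(m["ts"])
    return {"signature": m["sig"], "ts": ts, "when": to_utc(ts),
            "version": m["ver"], "path": m["path"]}


def objectid_time(value):
    """Unix time from the first 4 bytes of a 24-hex ObjectId-shaped string, else None."""
    if not re.fullmatch(r"[0-9a-f]{24}", value):
        return None
    return int(value[:8], 16)


def analyse(history, cookies):
    hops = cf_bypass_hops(history)
    atok = None
    for hop in hops:
        q = parse_qs(urlsplit(hop[0]).query)
        if "atok" in q:
            atok = parse_atok(q["atok"][0])
    cookie_tok = parse_atok(cookies["__cf_mw_byp"]) if "__cf_mw_byp" in cookies else None
    visitor_ts = objectid_time(cookies.get("visitor", ""))
    return {
        "cf_phish_interstitial": bool(hops),
        "atok": atok,
        # same timestamp in URL and cookie => the cookie was minted by that bypass
        "cookie_matches_atok": bool(atok and cookie_tok and cookie_tok["ts"] == atok["ts"]),
        "visitor_ts": visitor_ts,
        "visitor_when": to_utc(visitor_ts) if visitor_ts else None,
        "visitor_minus_bypass_s": (visitor_ts - atok["ts"]) if (visitor_ts and atok) else None,
    }


if __name__ == "__main__":
    print(json.dumps(analyse(URL_HISTORY, COOKIES), indent=2))
```

Run as is, the bypass token decodes to 2024-06-26T18:11:14Z and the visitor value, read as an ObjectId, to 2024-06-26T18:11:19Z, five seconds later and on the submission date shown at the top of the scan. Under the ObjectId assumption that gap is what you would expect if the kit mints its visitor id on the first real page load after the interstitial, which makes the visitor cookie a useful per-victim timestamp when triaging a kit's logs.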
29 HTTP transactions (Size is the decoded body size, Transfer the bytes on the wire)

| # | Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | H3 | / (redirect chain) | nvbvnco.com/ | 4 KB | 2 KB | Document | text/html |
| 2 | GET | H3 | cf.errors.css | nvbvnco.com/cdn-cgi/styles/ | 23 KB | 5 KB | Stylesheet | text/css |
| 3 | GET | H3 | icon-exclamation.png | nvbvnco.com/cdn-cgi/images/ | 452 B | 634 B | Image | image/png |
| 4 | GET | H3 | / (redirect chain) | nvbvnco.com/ | 1 KB | 1 KB | Document | text/html |
| 5 | GET | H3 | all.css | nvbvnco.com/public/styles/ | 5 KB | 2 KB | Stylesheet | text/css |
| 6 | GET | H3 | loader.gif | nvbvnco.com/public/images/ | 5 KB | 6 KB | Image | image/gif |
| 7 | GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
| 8 | GET | H3 | geo.js | get.geojs.io/v1/ip/ | 355 B | 844 B | Script | application/javascript |
| 9 | GET | H3 | Q88P1D4YSMITKRBDQPV2P8W509.html | nvbvnco.com/ | 80 B | 657 B | XHR | text/html |
| 10 | GET | H3 | login (primary request) | nvbvnco.com/Q88P1D4YSMITKRBDQPV2P8W509/ | 21 KB | 4 KB | Document | text/html |
| 11 | GET | H3 | tpl.css | nvbvnco.com/css/ | 35 KB | 8 KB | Stylesheet | text/css |
| 12 | GET | H3 | controlos.css | nvbvnco.com/css/ | 21 KB | 5 KB | Stylesheet | text/css |
| 13 | GET | H3 | nav.css | nvbvnco.com/css/ | 11 KB | 3 KB | Stylesheet | text/css |
| 14 | GET | H3 | main.css | nvbvnco.com/css/ | 5 KB | 2 KB | Stylesheet | text/css |
| 15 | GET | H3 | b20top.js | nvbvnco.com/web/Resources/js/ | 43 KB | 11 KB | Script | application/javascript |
| 16 | GET | H3 | b20srv.js | nvbvnco.com/web/Resources/js/ | 6 KB | 2 KB | Script | application/javascript |
| 17 | GET | H3 | loader_anim.gif | nvbvnco.com/Resources/ | 5 KB | 6 KB | Image | image/gif |
| 18 | GET | H3 | EsColors.js | nvbvnco.com/web/Resources/js/ | 1 KB | 1 KB | Script | application/javascript |
| 19 | GET | H3 | jquery-1.4.4.min.js | nvbvnco.com/web/Resources/js/ | 77 KB | 27 KB | Script | application/javascript |
| 20 | GET | H3 | jquery-1.10.2.min.js | nvbvnco.com/web/Resources/js/ | 91 KB | 33 KB | Script | application/javascript |
| 21 | GET | H3 | jquery-ui-1.11.4.min.js | nvbvnco.com/web/Resources/js/ | 235 KB | 64 KB | Script | application/javascript |
| 22 | GET | H3 | jquery.reject.min.js | nvbvnco.com/web/Resources/js/ | 9 KB | 4 KB | Script | application/javascript |
| 23 | GET | H3 | logo.png | nvbvnco.com/web/Resources/Login/ | 2 KB | 3 KB | Image | image/png |
| 24 | GET | H3 | NovobancoText-Bold.woff | nvbvnco.com/css/fonts/ | 30 KB | 31 KB | Font | font/woff |
| 25 | GET | H3 | icons.png | nvbvnco.com/web/Resources/Login/ | 8 KB | 8 KB | Image | image/png |
| 26 | GET | H3 | Slider_B.png | nvbvnco.com/web/Resources/Login/ | 482 B | 970 B | Image | image/png |
| 27 | GET | H3 | icon_arrow_left.png | nvbvnco.com/web/Resources/Login/ | 1 KB | 2 KB | Image | image/png |
| 28 | GET | H3 | NovobancoText-Book.woff | nvbvnco.com/css/fonts/ | 32 KB | 32 KB | Font | font/woff |
| 29 | GET | H3 | NovobancoText-Light.woff | nvbvnco.com/css/fonts/ | 29 KB | 29 KB | Font | font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Generic Cloudflare (Online)
159 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- undefined (3): event, scriptTag, elements
- object (7): fence, sharedStorage, bNet, Topo, metaTag, headTag, metaTag2
- boolean (3): sessionExpiringAlert, bNet$Val$salta, act
- number (7): num_bt, num_bt2, zp, zp2, cnt, ch_st, ch_st2
- string (5): pin, pinentry, le1, le2, le3
- function (134): bNet$Util$ShowHelp, bNet$Util$getUrl20, allowReplace, bNet$Val$_MostraAEA, bNet$Timer$Mais, bNet$Timer$_Render, bNet$Timer$_Calculate, startAnimation, behave, stopBehave, disableAnimation, switchToFV20, navigateToFV, navigateToNMA, navigateToURL, navigateTo, obtemImagem, navegaServico, navegaDetalhePedido, copiaDadosRetorno, guardaDadosRetorno, navegaNMADetalheAssinatura, navegaFlexViewDetalheAssinatura, navegaDetalheAssinatura, navegaVoltarServicoUtilizador, FV$loaded, FV$printout, FV$exportar, FV$error, FV$isActive, FV$resize, FV$updQuickLinks, FV$NavegaServicoUser, FV$NavegaDetalhePedido, FV$NavegaVoltar, bNet$Util$getNavigationUrl, getNavigationUrl, bNet$Val$ValidaTecla, validaTecla, bNet$Val$ValidaSoNumeros, validaSoNumeros, bNet$Val$VerificaCampo, verificaCampo, bNet$Val$ValidaNumericoReal, validaNumericoReal, bNet$Val$ValidaNumerico, validaNumerico, bNet$Val$ValidaTelemovel, validaTelemovel, bNet$Val$VerificaNumericoReal, verificaNumericoReal, bNet$Val$VerificaNumerico, verificaNumerico, bNet$Val$VerificaTelemovel, verificaTelemovel, bNet$Val$VerificaEmail, verificaEmail, bNet$Val$ObtemCodigoTecla, obtemCodigoTecla, bNet$Val$ValidaCaracterEspecial, validaCaracterEspecial, bNet$Val$ProcessaSalto, processaSalto, bNet$Val$MostraCalendario, mostraCalendario, bNet$Val$MostraAlerta, mostraAlerta, bNet$Val$MostraErro, mostraErro, bNet$Val$MostraAviso, mostraAviso, bNet$Val$MostraInfo, mostraInfo, bNet$Val$ValidaData, validaData, bNet$Val$ValidaHora, validaHora, bNet$Val$ValidaDataHora, validaDataHora, bNet$Val$ParseDate, parseDate, bNet$Val$ParseTime, parseTime, bNet$Val$AnoBisexto, anoBisexto, bNet$Val$ParseTimestamp, parseTimestamp, bNet$Val$ValidaAgendamento, validaAgendamento, bNet$Val$InicializaAgendamento, inicializaAgendamento, bNet$Val$LimpaAgendamento, limpaAgendamento, bNet$Val$DateDiff, dateDiff, bNet$Val$MoveTo, move_to, FV$setHeight, bNet$Ctx$ValidaTop, bNet$Ctx$MudaUtilizador, bNet$Ctx$IniContexto, bNet$Ctx$Print, bNet$Ctx$IniPrint, bNet$Ctx$IniAlerta, bNet$Ctx$IniHelp, bNet$Ctx$IniSave, bNet$Ctx$IniCorreio, bNet$Ctx$AlteraIdioma, bNet$Ctx$alteraPaginaInicial, bNet$Ctx$Resize, bNet$Ctx$FimSessao, bNet$Sombra$Navigate, bNet$Sombra$MeToMain, bNet$Sombra$MainFromSombra, __iniCtx, doOnLoad, Mk, char2hex, hex2bin, bin2hex, cvt1, $, jQuery, lmp, pK, pK2, cA, disablePostback, fillSlots, fillSlots2, changeSlots, changeSlots2, changeActionMessage, handleSliderChanges
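The list above mixes three origins: globals Chromium itself exposes (event, fence, sharedStorage), jQuery's $ and jQuery, and the bNet$* / FV$* namespace with its Portuguese-named unnamespaced mirrors (validaTelemovel, navegaServico, mostraErro and so on). Together with the NovobancoText-*.woff fonts and the web/Resources/Login/ assets in the transaction list, that namespace identifies a cloned Portuguese bank login page rather than anything Cloudflare-related. Names such as pin, pinentry, fillSlots, changeSlots and handleSliderChanges fall outside that namespace. The Python below is an added example, not code from this page or from urlscan.io: it buckets a subset of the globals copied from this scan, derives a template signature from the namespaced names, and scores a constructed second global list against it with Jaccard similarity, so the same kit can be recognised when it is redeployed on another host. The bucket regexes, the credential-entry heuristic and the 0.5 threshold are the example's own assumptions.

```python
"""Fingerprint a phishing kit from the non-standard window globals urlscan lists.

SCAN_GLOBALS is a subset copied from this scan; OTHER_SCAN is constructed for the
comparison.  Bucket rules and the match threshold are heuristics (assumptions).
"""
import re

SCAN_GLOBALS = [
    "event", "fence", "sharedStorage", "$", "jQuery",
    "bNet", "bNet$Util$ShowHelp", "bNet$Val$ValidaTelemovel", "bNet$Val$VerificaEmail",
    "bNet$Ctx$FimSessao", "bNet$Sombra$Navigate", "FV$loaded", "FV$NavegaVoltar",
    "validaTelemovel", "verificaEmail", "navegaServico", "mostraErro", "obtemImagem",
    "pin", "pinentry", "fillSlots", "fillSlots2", "changeSlots", "changeSlots2",
    "handleSliderChanges", "char2hex", "hex2bin", "cvt1", "Mk", "doOnLoad",
]

# Constructed: what a later scan of a re-deployed copy of the kit might expose.
OTHER_SCAN = ["event", "$", "jQuery", "bNet", "bNet$Util$ShowHelp",
              "bNet$Val$ValidaTelemovel", "FV$loaded", "pin", "step2"]

BROWSER_BUILTINS = {"event", "fence", "sharedStorage"}   # set by Chromium, not by the page
LIBRARY = {"$", "jQuery"}
NAMESPACE_RE = re.compile(r"^(?:bNet|FV)(?:\$|$)")        # cloned bank front-end namespace
PT_HELPER_RE = re.compile(r"^(?:valida|verifica|navega|mostra|obtem|parse|inicializa|limpa)")
CRED_ENTRY_RE = re.compile(r"pin|slot|slider", re.IGNORECASE)  # assumption: PIN/slot capture UI


def bucket(names):
    """Classify each global name by its likely origin; order within a bucket is preserved."""
    out = {"browser": [], "library": [], "template_ns": [], "pt_helper": [],
           "credential_entry": [], "other": []}
    for n in names:
        if n in BROWSER_BUILTINS:
            out["browser"].append(n)
        elif n in LIBRARY:
            out["library"].append(n)
        elif NAMESPACE_RE.match(n):
            out["template_ns"].append(n)
        elif PT_HELPER_RE.match(n):
            out["pt_helper"].append(n)
        elif CRED_ENTRY_RE.search(n):
            out["credential_entry"].append(n)
        else:
            out["other"].append(n)
    return out


def template_signature(names):
    """The namespaced names are the stable part of the kit; use them as its signature."""
    return frozenset(n for n in names if NAMESPACE_RE.match(n))


def jaccard(a, b):
    return len(a & b) / len(a | b) if (a | b) else 0.0


def match_template(candidate, reference, threshold=0.5):
    """Score a candidate scan's globals against a reference kit signature."""
    score = jaccard(template_signature(candidate), template_signature(reference))
    return {"score": round(score, 3), "match": score >= threshold}


if __name__ == "__main__":
    for name, members in bucket(SCAN_GLOBALS).items():
        print(f"{name:17s} {members}")
    print(match_template(OTHER_SCAN, SCAN_GLOBALS))
```

Signature on the namespaced names only, rather than on every global, keeps browser-injected names and jQuery out of the score, and a kit that drops or renames a few of its own helpers still scores well against the reference. Whether pin, pinentry and the slot/slider functions belong to the original bank page or were added by the kit cannot be decided from the global names alone; the bucket just marks them for a closer look at b20top.js and the primary document.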
4 Cookies
Cookies are small pieces of information stored in a user's browser. On every later visit the browser sends the stored cookie values back, which lets the website re-identify the user even from a different location; this is how persistent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .nvbvnco.com/ | | __cf_mw_byp | LeNgWm43POM9AWysY0VkoD6F72.70e6bA_gbimyp9Ro-1719425474-0.0.1.1-/ |
| nvbvnco.com/ | | csrf-token | 905W8P2VPQDBRKTIMSY4D1P88Q |
| nvbvnco.com/ | | visitor | 667c59c78df893b4c9df8537 |
| nvbvnco.com/ | | userId | GS8X3HS4L1KQF |
Security Headers
This page lists any security headers set by the main page.

| Header | Value |
|---|---|
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- code.jquery.com
- get.geojs.io
- nvbvnco.com
- 172.67.221.43
- 172.67.70.233
- 2a04:4e42::649