tnvcert.com Open in urlscan Pro
88.198.102.81 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tnvcert.com/
Submission: On February 27 via manual (February 27th 2024, 2:21:32 pm UTC) from IT — Scanned from IT

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 88.198.102.81, located in Germany and belongs to HETZNER-AS, DE. The main domain is tnvcert.com.
TLS certificate: Issued by R3 on February 6th 2024. Valid for: 3 months.

This is the only time tnvcert.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking)

Domain & IP information

	IP Address	AS Autonomous System
9	88.198.102.81 88.198.102.81	24940 (HETZNER-AS) (HETZNER-AS)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	185.198.118.126 185.198.118.126	35051 (NEXI-AS) (NEXI-AS)
14	4

9 88.198.102.81 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s4.hostssdserver.com

tnvcert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.198.118.126 (Italy)

ASN35051 (NEXI-AS, IT)

www.nexi.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tnvcert.com tnvcert.com	239 KB
2	nexi.it www.nexi.it	188 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	32 KB
14	3

	Domain	Requested by
9	tnvcert.com	tnvcert.com code.jquery.com
2	www.nexi.it	tnvcert.com
1	code.jquery.com	tnvcert.com
14	3

This site contains links to these domains. Also see Links.

Domain
www.nexi.it

Subject Issuer	Validity	Valid
*.tnvcert.com R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
www.nexi.it GlobalSign RSA OV SSL CA 2018	`2023-08-04` - `2024-08-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tnvcert.com/
Frame ID: 9043B7FC06F135F712F3E2FFDEE30FEA
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

460 kB
Transfer

1556 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nexi.it/?openModal=login#tab-id-privati
Title: Privati

Search URL Search Domain Scan URL

URL: https://www.nexi.it/?openModal=login
Title: Non sei tu?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tnvcert.com/ 550 KB
27 KB 237ms
80ms Document
text/html 88.198.102.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tnvcert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

88.198.102.81 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s4.hostssdserver.com

Software

LiteSpeed /

Resource Hash

82ab8c39632fe6180a81e496f21dec585bfb3faa3df59145ff7e6826b86b2970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=2592000
content-encoding: br
content-length: 27635
content-type: text/html
date: Tue, 27 Feb 2024 14:21:27 GMT
expires: Thu, 28 Mar 2024 14:21:27 GMT
last-modified: Tue, 12 Sep 2023 21:44:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ 90 KB
32 KB 448ms
38ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: tnvcert.com
URL: https://tnvcert.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tnvcert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:21:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 10435025
x-cache: HIT, HIT
content-length: 32772
x-served-by: cache-lga13625-LGA, cache-mxp6971-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1709043688.825603,VS0,VE0
etag: W/"28feccc0-169d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 18, 233760

GET
H2 200 style.css
tnvcert.com/index_files/ 568 KB
66 KB 72ms
71ms Stylesheet
text/css 88.198.102.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tnvcert.com/index_files/style.css

Requested by

Host: tnvcert.com
URL: https://tnvcert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

88.198.102.81 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s4.hostssdserver.com

Software

LiteSpeed /

Resource Hash

23ad197def9f4c983e658350fb1788aa32894df43eec7fa5d6ade80bc30cfdda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tnvcert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 26 Jul 2023 21:59:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 67612
x-xss-protection: 1; mode=block
expires: Thu, 28 Mar 2024 14:21:27 GMT

GET
H/1.1 200
OK style.css
www.nexi.it/cookieservice/nexi-it/ 21 KB
7 KB 258ms
52ms Stylesheet
text/css 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.it/cookieservice/nexi-it/style.css

Requested by

Host: tnvcert.com
URL: https://tnvcert.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

1f6bbe8591e650b3e139d0603cafb80ea3e5e76117a15c4960422b536bd419d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tnvcert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:21:27 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
Last-Modified: Thu, 01 Feb 2024 09:53:29 GMT
ETag: "52c6-6104ef7af84cf"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
Content-Type: text/css
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=24

GET css
tnvcert.com/index_files/ 0
0

GET
H2 200 logo--dark.svg
tnvcert.com/index_files/ 2 KB
1 KB 61ms
61ms Image
image/svg+xml 88.198.102.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tnvcert.com/index_files/logo--dark.svg

Requested by

Host: tnvcert.com
URL: https://tnvcert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

88.198.102.81 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s4.hostssdserver.com

Software

LiteSpeed /

Resource Hash

790272db4f81bd54720506a836a513fb2ef6520b5227ce392be7c1dac52f4621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tnvcert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 Jul 2023 22:46:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1005
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 14:21:27 GMT

GET
H2 200 logo--light.svg
tnvcert.com/index_files/ 2 KB
1 KB 87ms
87ms Image
image/svg+xml 88.198.102.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tnvcert.com/index_files/logo--light.svg

Requested by

Host: tnvcert.com
URL: https://tnvcert.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

88.198.102.81 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s4.hostssdserver.com

Software

LiteSpeed /

Resource Hash

04410889c5251ebffe51063822311d828830abd030f73b6cdb5777e5b3238cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tnvcert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 Jul 2023 22:46:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1009
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 14:21:27 GMT

GET css
tnvcert.com/index_files/ 0
0

GET
H/1.1 200
OK Card_Login_IOSI-Plus_Desktop_786x694.jpg
www.nexi.it/content/dam/nexi/img/login/ 180 KB
181 KB 53ms
52ms Image
image/jpeg 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.it/content/dam/nexi/img/login/Card_Login_IOSI-Plus_Desktop_786x694.jpg

Requested by

Host: tnvcert.com
URL: https://tnvcert.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

a38acfae433e9ec1c9d35ea1e226361942de99362ad13c183d502fdbe1e96273

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tnvcert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 14:21:27 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 01 Feb 2024 10:31:30 GMT
ETag: "2cee1-6104f7fa7f57d"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD
Content-Type: image/jpeg
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=22

GET
H2 200 karbon-regular-webfont.woff
tnvcert.com/index_files/fonts/ 24 KB
24 KB 67ms
66ms Font
font/woff 88.198.102.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tnvcert.com/index_files/fonts/karbon-regular-webfont.woff

Requested by

Host: tnvcert.com
URL: https://tnvcert.com/index_files/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

88.198.102.81 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s4.hostssdserver.com

Software

LiteSpeed /

Resource Hash

ade827343407a2a81168acb91cabc1ed7d83de7010966dd1b7f06f4e0344b9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tnvcert.com/index_files/style.css
Origin: https://tnvcert.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:21:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Jul 2023 21:54:50 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 24308
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 14:21:27 GMT

GET
H2 200 karbon-semibold-webfont.woff
tnvcert.com/index_files/fonts/ 24 KB
25 KB 104ms
104ms Font
font/woff 88.198.102.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tnvcert.com/index_files/fonts/karbon-semibold-webfont.woff

Requested by

Host: tnvcert.com
URL: https://tnvcert.com/index_files/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

88.198.102.81 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s4.hostssdserver.com

Software

LiteSpeed /

Resource Hash

0696904b24ea3bdaf9ee857ded71391ccd44d40b84334571a5c5e71f93b4a0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tnvcert.com/index_files/style.css
Origin: https://tnvcert.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:21:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Jul 2023 21:54:31 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25032
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 14:21:27 GMT

GET
H2 200 karbon-medium-webfont.woff
tnvcert.com/index_files/fonts/ 24 KB
24 KB 103ms
102ms Font
font/woff 88.198.102.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tnvcert.com/index_files/fonts/karbon-medium-webfont.woff

Requested by

Host: tnvcert.com
URL: https://tnvcert.com/index_files/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

88.198.102.81 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s4.hostssdserver.com

Software

LiteSpeed /

Resource Hash

4061275193aa1a5245941f7768b307219fc0f86f44dc1cf4d293168b93a72259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tnvcert.com/index_files/style.css
Origin: https://tnvcert.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:21:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Jul 2023 21:54:46 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 24956
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 14:21:27 GMT

GET
H2 200 nexi.woff
tnvcert.com/index_files/fonts/ 70 KB
70 KB 78ms
78ms Font
font/woff 88.198.102.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tnvcert.com/index_files/fonts/nexi.woff

Requested by

Host: tnvcert.com
URL: https://tnvcert.com/index_files/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

88.198.102.81 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s4.hostssdserver.com

Software

LiteSpeed /

Resource Hash

d1700915fc4144972b88e8a2d733e1bd5cfbc8ab94f91750878fa096e3d00903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tnvcert.com/index_files/style.css
Origin: https://tnvcert.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:21:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Jul 2023 21:55:04 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 72020
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 14:21:27 GMT

GET
H2 200 access.php Show response
tnvcert.com/panel/ 88 B
183 B 1191ms
1191ms XHR
text/html 88.198.102.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tnvcert.com/panel/access.php

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

88.198.102.81 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s4.hostssdserver.com

Software

LiteSpeed /

Resource Hash

fea1078f1c89033344ccd1179dfb9e24cd64acddbccbc9157997348f194e9367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://tnvcert.com/
X-Requested-With: XMLHttpRequest
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 14:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: LiteSpeed
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
content-length: 77
x-xss-protection: 1; mode=block
expires: Thu, 28 Mar 2024 14:21:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tnvcert.com
URL: https://tnvcert.com/index_files/css

Domain: tnvcert.com
URL: https://tnvcert.com/index_files/css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery19102467164223958367

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://tnvcert.com/ Message: Refused to apply style from 'https://tnvcert.com/index_files/css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://tnvcert.com/ Message: Refused to apply style from 'https://tnvcert.com/index_files/css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
tnvcert.com
www.nexi.it
tnvcert.com
151.101.2.137
185.198.118.126
88.198.102.81
04410889c5251ebffe51063822311d828830abd030f73b6cdb5777e5b3238cb3
0696904b24ea3bdaf9ee857ded71391ccd44d40b84334571a5c5e71f93b4a0c6
1f6bbe8591e650b3e139d0603cafb80ea3e5e76117a15c4960422b536bd419d0
23ad197def9f4c983e658350fb1788aa32894df43eec7fa5d6ade80bc30cfdda
4061275193aa1a5245941f7768b307219fc0f86f44dc1cf4d293168b93a72259
790272db4f81bd54720506a836a513fb2ef6520b5227ce392be7c1dac52f4621
82ab8c39632fe6180a81e496f21dec585bfb3faa3df59145ff7e6826b86b2970
a38acfae433e9ec1c9d35ea1e226361942de99362ad13c183d502fdbe1e96273
ade827343407a2a81168acb91cabc1ed7d83de7010966dd1b7f06f4e0344b9e6
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
d1700915fc4144972b88e8a2d733e1bd5cfbc8ab94f91750878fa096e3d00903
fea1078f1c89033344ccd1179dfb9e24cd64acddbccbc9157997348f194e9367

tnvcert.com Open in urlscan Pro 88.198.102.81 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

86 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

460 kBTransfer

1556 kBSize

0 Cookies

2 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

tnvcert.com Open in urlscan Pro
88.198.102.81 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

460 kB
Transfer

1556 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!