nb-net.online
Open in
urlscan Pro
136.144.41.113
Malicious Activity!
Public Scan
Effective URL: https://nb-net.online/login?1
Submission: On March 07 via manual from PT — Scanned from JP
Summary
TLS certificate: Issued by R3 on March 6th 2022. Valid for: 3 months.
This is the only time nb-net.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Novobanco (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 163.44.187.151 163.44.187.151 | 7506 (INTERQ GM...) (INTERQ GMO Internet) | |
7 | 136.144.41.113 136.144.41.113 | 211252 (AS_DELIS) (AS_DELIS) | |
9 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
nb-net.online
nb-net.online |
636 KB |
1 |
adlaw.jp
adlaw.jp |
264 B |
9 | 2 |
Domain | Requested by | |
---|---|---|
7 | nb-net.online |
nb-net.online
|
1 | adlaw.jp | |
9 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
adlaw.jp R3 |
2022-02-09 - 2022-05-10 |
3 months | crt.sh |
nb-net.online R3 |
2022-03-06 - 2022-06-04 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://nb-net.online/login?1
Frame ID: C5B8DEC56EE307DCF0A6FDC1DC326529
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
Login NBnet | novobancoPage URL History Show full URLs
- https://adlaw.jp/inc.php?fdMcsa Page URL
- https://nb-net.online/login?1 Page URL
Detected technologies
Adobe Experience Manager (CMS) ExpandDetected patterns
- <div class="[^"]*aem-Grid
- /etc\.clientlibs/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://adlaw.jp/inc.php?fdMcsa Page URL
- https://nb-net.online/login?1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
inc.php
adlaw.jp/ |
76 B 264 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
login
nb-net.online/ |
11 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-base.lc-63b7e15262fa4bc16392c4ff620119c4-lc.min.css
nb-net.online/etc.clientlibs/novobancopublicsites/clientlibs/ |
904 KB 83 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
skiptomaincontent.lc-15c8e6e0e8a432d5ad140592e0b96372-lc.min.css
nb-net.online/etc.clientlibs/core/wcm/components/page/v2/page/clientlibs/site/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
novobanco-icons.svg
nb-net.online/etc.clientlibs/novobancopublicsites/clientlibs/clientlib-base/resources/ |
61 KB 20 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cq5dam.web.1280.1280.jpeg
nb-net.online/content/dam/novobancopublicsites/particulares/login_bg.jpeg/jcr:content/renditions/ |
463 KB 463 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NovobancoText-Book.woff
nb-net.online/etc.clientlibs/novobancopublicsites/clientlibs/clientlib-resources/resources/fonts/ |
32 KB 32 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NovobancoText-Medium.woff
nb-net.online/etc.clientlibs/novobancopublicsites/clientlibs/clientlib-resources/resources/fonts/ |
32 KB 33 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
original.svg
nb-net.online/content/dam/novobancopublicsites/logos/novobanco_negativo.svg/_jcr_content/renditions/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- nb-net.online
- URL
- https://nb-net.online/etc.clientlibs/core/wcm/components/page/v2/page/clientlibs/site/skiptomaincontent.lc-15c8e6e0e8a432d5ad140592e0b96372-lc.min.css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Novobanco (Banking)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adlaw.jp
nb-net.online
nb-net.online
136.144.41.113
163.44.187.151
239315e34e3505de1711613e8e342ad396a97a92c74116b2aa64c37a3e92a594
50b1758f17eca066d3c2e147a55c41368d67697adaee7c97f3c3d7706ac00393
63ec9237cef48b2cfd492b33ea283f8c80059761fa5cc1564e4c664f995e9223
7a7c300249d7ebe0d8419609fdae3953325a9b51548c88be622665a1bdd6ce6d
88d34466c6999cb9aa100942dbd9f696ac0d70ba91bcc5700d49c575fc011c0f
aa68e63e8e216a56096904a9836fec691f07251b21baf8dcc6b41dced1330ef9
ceaa2f8cc66bf5aa5e36a7cf28e9618c073db4896d60dfaf82f3b58e0a04b672
e6c646ee2dd1deee0befd3a421422abd8cb605fd7c69c4b0efc646472a1ed737