wvvwonline-promericasgt.com
2a06:98c1:3121::3  Malicious Activity! Public Scan

URL: https://wvvwonline-promericasgt.com/
Submission: On April 24 via manual from GT — Scanned from NL

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 10 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is wvvwonline-promericasgt.com.
TLS certificate: Issued by GTS CA 1P5 on April 21st 2023. Valid for: 3 months.
This is the only time wvvwonline-promericasgt.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Promerica (Banking)

Domain & IP information

IP Address AS Autonomous System
1 11 2a06:98c1:312... 13335 (CLOUDFLAR...)
10 1
Apex Domain
Subdomains
Transfer
11 wvvwonline-promericasgt.com
wvvwonline-promericasgt.com
184 KB
10 1
Domain Requested by
11 wvvwonline-promericasgt.com 1 redirects wvvwonline-promericasgt.com
10 1

This site contains no links.

Subject: wvvwonline-promericasgt.com
Issuer: GTS CA 1P5
Validity: 2023-04-21 - 2023-07-20
Valid: 3 months

This page contains 2 frames:

Primary Page: https://wvvwonline-promericasgt.com/
Frame ID: EAF0D5D639D05D5C7B585C0753A39171
Requests: 7 HTTP requests in this frame

Frame: https://wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
Frame ID: 534E88C004C16CAA842FB91A16769526
Requests: 3 HTTP requests in this frame

Page Title

Promeric@

Page Statistics

Requests: 10
HTTPS: 90 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 184 kB
Size: 202 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wvvwonline-promericasgt.com/
6 KB
3 KB
Document
General
Full URL
https://wvvwonline-promericasgt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.17
Resource Hash
a42258d387b5e305300411967c4261a777cd6a349db600c71bf752dfa9bddb2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7bd1d7d84f480b5c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 22:39:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICGYwAjP%2FG9TZCIkg8bkAtMoVuG5kD7lJDL%2FnOlh5RsbZ28L5cMsjT6uDRcgF2aEIsR2V5QQTzUYkIm89L1qU5rC0hQ1Kin4XcJ65%2Bvg28o6YUUGRvP3kH9eykh5RyLntQGmdqDXWzMI%2BdWS%2FEm7l%2Bp%2FPqoNNi1pP1s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.1.17
x-served-by
cache-ams21055-AMS
x-timer
S1682375976.737249,VS0,VE289
style1.css
wvvwonline-promericasgt.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://wvvwonline-promericasgt.com/style1.css
Requested by
Host: wvvwonline-promericasgt.com
URL: https://wvvwonline-promericasgt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a2ef22b262a61f88d848cab76a437db09dedc3e59e434c07804cbdbe41bc7e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wvvwonline-promericasgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:39:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-ams21083-AMS
last-modified
Thu, 05 Jan 2023 02:39:24 GMT
server
cloudflare
x-timer
S1682375976.059367,VS0,VE284
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0VQ5ExHeGS6F65mKAqtbZ%2B98cg%2FFbutxKlKPaaaIeI%2FoJgrkSi7geqOfpanJtWdoXdS3ZilEjJEq2Qk8phWe%2BdP1x9VRvXgJP9g5hWd%2BbySJf8TtRcJM6xoEmET1VPOcQgsEd7YuELK0uAc63qmFTFCHg8waJYYYB0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7bd1d7da48ef0b5c-AMS
x-cache-hits
0
index1.js
wvvwonline-promericasgt.com/
1 KB
795 B
Script
General
Full URL
https://wvvwonline-promericasgt.com/index1.js
Requested by
Host: wvvwonline-promericasgt.com
URL: https://wvvwonline-promericasgt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1cccba9536f10d409f63655fc65c66c81dae3d67ea691d61a22c07942343faa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wvvwonline-promericasgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:39:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish
content-encoding
br
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-ams21053-AMS
last-modified
Wed, 22 Mar 2023 00:57:16 GMT
server
cloudflare
x-timer
S1682375976.058114,VS0,VE302
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6ENHrSMi5AHGapiL%2Bl31RyhnVFM9HFvU2I5%2FU4xJtRKsPT%2BLKvei1lxOHrVITf5taeeNoQ7CZeT9HHfS33pVTC7VdqIo2OsEJ0BpwhdaLtOUEl361v92j72e12efnm66YX%2Fig300M24fMc7hGeNreuWgS3EONQhU8o%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7bd1d7da48f00b5c-AMS
x-cache-hits
0
delay1.png
wvvwonline-promericasgt.com/media/
37 KB
38 KB
Image
General
Full URL
https://wvvwonline-promericasgt.com/media/delay1.png
Requested by
Host: wvvwonline-promericasgt.com
URL: https://wvvwonline-promericasgt.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8e7cd802c66571fea3dc0723d829c521704187acb2c417a1f0e806def1a147
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wvvwonline-promericasgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:39:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-ams21080-AMS
last-modified
Wed, 04 Jan 2023 23:01:42 GMT
server
cloudflare
x-timer
S1682375976.374109,VS0,VE430
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GId7w9vP36DgSjY2mBRX%2Bs5gGKGijuBT%2B9aNklZ1gueKT%2FAOiymkwosccRxariieXGqqbtpenOoWRTsNvdQBfC5YWsrx0StpJAkw9omQ1lPJpFbs4T3QOQInUu4bPYbS9YTznoUbOLoeI6Qsy3dH3k7R3c1eSADc8c%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7bd1d7dc4bd61c7c-AMS
x-cache-hits
0
img1.gif
wvvwonline-promericasgt.com/media/
4 KB
5 KB
Image
General
Full URL
https://wvvwonline-promericasgt.com/media/img1.gif
Requested by
Host: wvvwonline-promericasgt.com
URL: https://wvvwonline-promericasgt.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c1294b70210120e92c044bc38a7fb7fae66c20c248ab80c125181ffbce1e8b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wvvwonline-promericasgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:39:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-ams21057-AMS
last-modified
Fri, 30 Dec 2022 04:23:52 GMT
server
cloudflare
x-timer
S1682375976.400002,VS0,VE291
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEtKC0Ky2iYT8IZGIAB1ahp05D0yaYhAb%2BMxOQjgPW92Sl%2BHT6xMMZtxpfnF2ALoJOdbjfZHT%2BccRIV6tLtcgtiBaGOZ2g%2FM2zCn4ouwhnsFOsytnrci8hmkAqi5pCem6Xzw1nIvUhGHqmHZVcepqChQMgdwJyia2NQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7bd1d7dc5bef1c7c-AMS
x-cache-hits
0
img5.jpg
wvvwonline-promericasgt.com/media/
103 KB
104 KB
Image
General
Full URL
https://wvvwonline-promericasgt.com/media/img5.jpg
Requested by
Host: wvvwonline-promericasgt.com
URL: https://wvvwonline-promericasgt.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a45513dc262f6da005e1eb5326beef8c796bfdae76052775a609286f8f429bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wvvwonline-promericasgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:39:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-ams21078-AMS
last-modified
Fri, 30 Dec 2022 15:23:56 GMT
server
cloudflare
x-timer
S1682375976.389214,VS0,VE699
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mryGR7RfQ7Tnwtq6BBqvVhpKkzJ%2BtddzEHoSn2PZS5uYgdoTF2lHzpncQKQ6vcL%2BmiTRodE79tYmZR3mpObNACc0%2FMTfJcMuqC2sm7vQjftps5DhURSBw87zGweDafTyaAoW9FdOA4fA8%2FxIv4TbGgYpFWmf838dBPg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7bd1d7dc5bf01c7c-AMS
x-cache-hits
0
img6.png
wvvwonline-promericasgt.com/media/
16 KB
16 KB
Image
General
Full URL
https://wvvwonline-promericasgt.com/media/img6.png
Requested by
Host: wvvwonline-promericasgt.com
URL: https://wvvwonline-promericasgt.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f64352d61ee287a001ed71d0fbbce62978ee99865b263961ffa8157e826fe4d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wvvwonline-promericasgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:39:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-ams21083-AMS
last-modified
Fri, 30 Dec 2022 20:35:04 GMT
server
cloudflare
x-timer
S1682375976.387114,VS0,VE285
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hkAb0oBA6SAFSDJtSVhi%2BAUTh1vfJZceIeXtpmrkBAtM%2BtZqMeD%2FrkYbSKmVdDUddeu6QV8rS4l9Qo%2FJ4qEGbbpmy7ugLDn9IqSCxGXYFdGyNI51iSxmk05%2FppUijKlXxhxApPNXIOv9euvCU65w2Jh8kVs1lVFHPM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7bd1d7dc5bf21c7c-AMS
x-cache-hits
0
invisible.js
wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/ Frame 534E
Redirect Chain
  • https://wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
26 KB
12 KB
Script
General
Full URL
https://wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
Requested by
Host: wvvwonline-promericasgt.com
URL: https://wvvwonline-promericasgt.com/
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd3e6a0638d72741b0abf9652b7057bf08001c046b78dad466e002b817c11130
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtFqPt%2FULeIGXyJu1RI%2FHdzHBG1ISuw%2BuhjsQruRXh%2FO5inOtpkgpkFPIbFLbSnX6LBvTQ1QAvCsNSzd8tgrbU1Zmc%2FpizWHU%2Bff9BsE%2BuC%2FcGOrIoPOEPo5G5zkUXXdBx0Wkwi2wdvv2q3Zi9WgMdk9Q83SoHkugFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7bd1d7dcac3c1c7c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 24 Apr 2023 22:39:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzmWXnszxzedekUsyaZsZZdwu%2BSOxmiCRQ2hvryN0VFvh1WuHtrBYf5uqKQqFeLUpW93cQnA3BVhIW3VskHC2Ylk%2FN8p2NuXD0BUsvIUbharQvzE4zQcEBmyokvupepG92HQ%2BgoReBS2MxvWsz%2F1dd8fzpnCNek9%2F68%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7bd1d7dc7c141c7c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 534E
6 KB
3 KB
Other
General
Full URL
https://wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: wvvwonline-promericasgt.com
URL: https://wvvwonline-promericasgt.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4636b1fe58b49961750edc37dc71cada8d772f7785e42fe2a04a87471365e3a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEjRV6XgZzYOKTFEFWqBihUkXJwJUB6Y%2FKQHeyVLWLfQYJq4rE7s5G48NE1RT1g5i0Vj5yr2qyo5rV%2FnlPI6Ch5ic5dGKszkQhiNNbjwv6QMAwSuML5F4BmKCFMr4yR9hs6ElNELCCqS40N90h6TYY1MBH%2FcdPaHi8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7bd1d7dcec821c7c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7bd1d7d84f480b5c
wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 534E
2 B
658 B
XHR
General
Full URL
https://wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/h/b/cv/result/7bd1d7d84f480b5c
Requested by
Host: wvvwonline-promericasgt.com
URL: https://wvvwonline-promericasgt.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Apr 2023 22:39:36 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EED3x1YPjAz6%2Fh56uL76SEXGWNwvY1tywmQoViXCCK1eWdJnrtAPT8skcv8tOxDfJwRjVQ1I0zzEuSFSNrBRUka%2BqOJwtwe4pGutGRt3lfdiCp58SzqwqWJIAQoaQlDK8ljQszv9WLQ2JimSCLDdVFaaxwuiHQj7Hck%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7bd1d7de2dbf1c7c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Promerica (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| jNums
function| chk_tok_change
function| manejador1
function| showModal
function| hideModal
function| inicializar
function| demonio1
function| submit1

2 Cookies

Domain/Path Name / Value
wvvwonline-promericasgt.com/ Name: PHPSESSID
Value: ml6ephvvpgt10ukmqjta28cnm0
.wvvwonline-promericasgt.com/ Name: __cf_bm
Value: ANENncI9nFiMhSsx8ejhVnbF0CxNrleVT_XcHYDMhsg-1682375976-0-AVheYnx9cPmxszp/Fc+KqoZbOohwVOgdh8xoaiwJaayYJ6hbpQ2T93WSBbkNQoBEx8f7fSfUDDHY9wQ/IiEm1+nZpuiKMBjRL9J9ghAsHQli

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN