Submitted URL: https://secure.nbinformation.com/
Effective URL: https://secure.nbinformation.com/login.php
Submission: On October 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 12.151.32.221, located in San Francisco, United States and belongs to ATT-INTERNET4, US. The main domain is secure.nbinformation.com.
TLS certificate: Issued by GeoTrust EV RSA CA G2 on September 26th 2023. Valid for: a year.
This is the only time secure.nbinformation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 12.151.32.221 7018 (ATT-INTER...)
1 2a00:1450:400... 15169 (GOOGLE)
10 3
Apex Domain
Subdomains
Transfer
9 nbinformation.com
secure.nbinformation.com
99 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
31 KB
0 geotrust.com Failed
seal.geotrust.com Failed
10 3
Domain Requested by
9 secure.nbinformation.com 1 redirects secure.nbinformation.com
1 ajax.googleapis.com secure.nbinformation.com
0 seal.geotrust.com Failed secure.nbinformation.com
10 3

This site contains links to these domains. Also see Links.

Domain
www.nbinformation.com
www.yubico.com
www.geotrust.com
Subject Issuer Validity Valid
secure.nbinformation.com
GeoTrust EV RSA CA G2
2023-09-26 -
2024-10-26
a year crt.sh
upload.video.google.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh

This page contains 1 frames:

Primary Page: https://secure.nbinformation.com/login.php
Frame ID: F16EA82691A25919ED99B311D8740018
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

MFR - Login

Page URL History Show full URLs

  1. https://secure.nbinformation.com/ HTTP 302
    https://secure.nbinformation.com/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

90 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

129 kB
Transfer

182 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure.nbinformation.com/ HTTP 302
    https://secure.nbinformation.com/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
secure.nbinformation.com/
Redirect Chain
  • https://secure.nbinformation.com/
  • https://secure.nbinformation.com/login.php
7 KB
8 KB
Document
General
Full URL
https://secure.nbinformation.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
12.151.32.221 San Francisco, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
Apache /
Resource Hash
3f951489a0b7ace47fe34e10346b26e624ee50596a95e5491293196bde0713af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
7598
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Oct 2024 17:44:15 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubdomains;
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Oct 2024 17:44:15 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubdomains;
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
location
/login.php
style.min.css
secure.nbinformation.com/includes/
20 KB
20 KB
Stylesheet
General
Full URL
https://secure.nbinformation.com/includes/style.min.css
Requested by
Host: secure.nbinformation.com
URL: https://secure.nbinformation.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
12.151.32.221 San Francisco, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
Apache /
Resource Hash
e740f3b0f0c9337c3bdefe18282365daea6a0a2fd63481d41330927aab627bbc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.nbinformation.com/login.php

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
ETag
"4f56-5cb08f3b54e7a"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
20310
Keep-Alive
timeout=5, max=98
Date
Mon, 14 Oct 2024 17:44:15 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 02 Sep 2021 20:23:12 GMT
Content-Type
text/css
Server
Apache
X-Frame-Options
SAMEORIGIN
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: secure.nbinformation.com
URL: https://secure.nbinformation.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.nbinformation.com/

Response headers

content-encoding
gzip
age
73871
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 21:13:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 21:13:04 GMT
last-modified
Fri, 08 May 2020 07:05:03 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31021
x-xss-protection
0
server
sffe
pwCheck.min.js
secure.nbinformation.com/includes/
3 KB
3 KB
Script
General
Full URL
https://secure.nbinformation.com/includes/pwCheck.min.js
Requested by
Host: secure.nbinformation.com
URL: https://secure.nbinformation.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
12.151.32.221 San Francisco, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
Apache /
Resource Hash
7c0203eb070486f3d0fa275111c62c3068839c1271d702b9fcd7572da8e7069a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.nbinformation.com/login.php

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
ETag
"b0c-5aa56974b5c38"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
2828
Keep-Alive
timeout=5, max=97
Date
Mon, 14 Oct 2024 17:44:16 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 13 Jul 2020 18:09:25 GMT
Content-Type
application/javascript
Server
Apache
X-Frame-Options
SAMEORIGIN
header1.nbi.png
secure.nbinformation.com/images/
38 KB
39 KB
Image
General
Full URL
https://secure.nbinformation.com/images/header1.nbi.png
Requested by
Host: secure.nbinformation.com
URL: https://secure.nbinformation.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
12.151.32.221 San Francisco, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
Apache /
Resource Hash
63e72b489931f4116f488843afb9036591cf8c2a185c48da996793cee63f5a3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.nbinformation.com/login.php

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
ETag
"98de-5759c9a24bc40"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
39134
Keep-Alive
timeout=5, max=100
Date
Mon, 14 Oct 2024 17:44:16 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 11 Sep 2018 18:25:45 GMT
Content-Type
image/png
Server
Apache
X-Frame-Options
SAMEORIGIN
header2.png
secure.nbinformation.com/images/
9 KB
10 KB
Image
General
Full URL
https://secure.nbinformation.com/images/header2.png
Requested by
Host: secure.nbinformation.com
URL: https://secure.nbinformation.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
12.151.32.221 San Francisco, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
Apache /
Resource Hash
a6d648c125fb2dcda0106ca809f808652850f8cb3a07cb0fc69e8adacc0e9308
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.nbinformation.com/login.php

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
ETag
"25c2-4c498c8a25ec0"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
9666
Keep-Alive
timeout=5, max=100
Date
Mon, 14 Oct 2024 17:44:16 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 12 Jul 2012 02:33:07 GMT
Content-Type
image/png
Server
Apache
X-Frame-Options
SAMEORIGIN
yubikeySm.jpg
secure.nbinformation.com/images/
11 KB
11 KB
Image
General
Full URL
https://secure.nbinformation.com/images/yubikeySm.jpg
Requested by
Host: secure.nbinformation.com
URL: https://secure.nbinformation.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
12.151.32.221 San Francisco, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
Apache /
Resource Hash
d1bbdb7cbf2222e15f236ee1f548fbb83d5bdcdcf68fb35f54566c845204c791
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.nbinformation.com/login.php

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
ETag
"2c29-4c498c8a25ec0"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
11305
Keep-Alive
timeout=5, max=96
Date
Mon, 14 Oct 2024 17:44:16 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 12 Jul 2012 02:33:07 GMT
Content-Type
image/jpeg
Server
Apache
X-Frame-Options
SAMEORIGIN
getgeotrustsslseal
seal.geotrust.com/
0
0

background_3col.png
secure.nbinformation.com/images/
296 B
725 B
Image
General
Full URL
https://secure.nbinformation.com/images/background_3col.png
Requested by
Host: secure.nbinformation.com
URL: https://secure.nbinformation.com/includes/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
12.151.32.221 San Francisco, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
Apache /
Resource Hash
68c70d89f99bf44af4f9d499d0acc1f072476a7eb2b6f99f89d74390822e6496
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.nbinformation.com/includes/style.min.css

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
ETag
"128-4c498c8a25ec0"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
296
Keep-Alive
timeout=5, max=100
Date
Mon, 14 Oct 2024 17:44:16 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 12 Jul 2012 02:33:07 GMT
Content-Type
image/png
Server
Apache
X-Frame-Options
SAMEORIGIN
favicon.ico
secure.nbinformation.com/
6 KB
6 KB
Other
General
Full URL
https://secure.nbinformation.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
12.151.32.221 San Francisco, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
Apache /
Resource Hash
826031421b5e798f2b0a6ce6b8674637dbcacaead84700c9f10ca5cea6991d20
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.nbinformation.com/login.php

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains;
ETag
"1636-4c3a7a28dcf40"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
5686
Keep-Alive
timeout=5, max=99
Date
Mon, 14 Oct 2024 17:44:16 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 30 Jun 2012 02:51:01 GMT
Content-Type
image/x-icon
Server
Apache
X-Frame-Options
SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
seal.geotrust.com
URL
https://seal.geotrust.com/getgeotrustsslseal?host_name=%3C?php%20echo(Config::HOSTNAME)%20?%3E&size=M&lang=en

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| focusIt function| pwOldCheck function| pwReCheck function| pwCheck function| usernameCheck function| toggle function| setLogin

1 Cookies

Domain/Path Name / Value
.secure.nbinformation.com/ Name: MFR
Value: ucp9rgphsogpa875nrqbt8hs2f

3 Console Messages

Source Level URL
Text
network error URL: https://seal.geotrust.com/getgeotrustsslseal?host_name=%3C?php%20echo(Config::HOSTNAME)%20?%3E&size=M&lang=en
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
recommendation warning URL: https://secure.nbinformation.com/login.php
Message:
[DOM] Found 2 elements with non-unique id #password: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://secure.nbinformation.com/login.php
Message:
[DOM] Found 2 elements with non-unique id #submit: (More info: https://goo.gl/9p2vKq) %o %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block