novo-2fa.live Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/Wkfob8CMPI
Effective URL:
https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/
Submission: On July 06 via manual (July 6th 2022, 1:53:04 pm UTC) from PT — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 30 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is novo-2fa.live.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2022. Valid for: a year.

This is the only time novo-2fa.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Novobanco (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 1	162.250.190.160 162.250.190.160	26832 (RICAWEBSE...) (RICAWEBSERVICES)
3 27	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::6815:2335	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	4

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.250.190.160 (Montreal, Canada) 1 redirects

ASN26832 (RICAWEBSERVICES, CA)
PTR: server.ushort.io

pixly.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a06:98c1:3120::3 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

novo-2fa.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:2335 (United States)

ASN13335 (CLOUDFLARENET, US)

moneyteamhere.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	novo-2fa.live 3 redirects novo-2fa.live	667 KB
3	gstatic.com fonts.gstatic.com	50 KB
2	moneyteamhere.club moneyteamhere.club	942 B
1	pixly.me 1 redirects pixly.me	638 B
1	t.co t.co — Cisco Umbrella Rank: 455	503 B
30	5

	Domain	Requested by
27	novo-2fa.live	3 redirects t.co novo-2fa.live
3	fonts.gstatic.com	novo-2fa.live
2	moneyteamhere.club	novo-2fa.live
1	pixly.me	1 redirects
1	t.co
30	5

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-06` - `2023-07-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.moneyteamhere.club E1	`2022-05-15` - `2022-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/
Frame ID: 6641C8BE72EEE8C993B82A3FA80452B2
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Particulares - Novo Banco

Page URL History Show full URLs

https://t.co/Wkfob8CMPI Page URL
https://pixly.me/Hpru HTTP 301
https://novo-2fa.live/novobancoo/ Page URL
https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d HTTP 301
http://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/ HTTP 301
https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/ HTTP 302
https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

716 kB
Transfer

1077 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/Wkfob8CMPI Page URL
https://pixly.me/Hpru HTTP 301
https://novo-2fa.live/novobancoo/ Page URL
https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d HTTP 301
http://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/ HTTP 301
https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/ HTTP 302
https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://pixly.me/Hpru HTTP 301
https://novo-2fa.live/novobancoo/

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Wkfob8CMPI
t.co/ 218 B
503 B 137ms
121ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/Wkfob8CMPI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 172
content-type: text/html; charset=utf-8
date: Wed, 06 Jul 2022 13:52:56 GMT
expires: Wed, 06 Jul 2022 13:57:57 GMT
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 5c3f0e222d5b4708ffc7c70a6015aafe8a5275ebfb888a05740c7a94e092c1cd
x-response-time: 114
x-xss-protection: 0

GET
H2

200

/ Show response
novo-2fa.live/novobancoo/
Redirect Chain

https://pixly.me/Hpru
https://novo-2fa.live/novobancoo/

728 B
959 B

123ms
77ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/
Requested by: Host: t.co
URL: https://t.co/Wkfob8CMPI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb91659e506e80347a1c9c5d9e338108b1b484f1cc8b949add773cd09c3cd7b

Request headers

Referer: https://t.co/Wkfob8CMPI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7268d2f71ea39b40-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 06 Jul 2022 13:53:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFcIXqawbkJPisGKkgMHj3NYtaZsJh6mdXkBeow2pXvtxrsiAeitS6PfzE80pa1BNrsm%2F0d0h9160OaB7dMOZ5O%2F%2FRFvTw%2FAXX2AEbZGJdCmRNjX8tnvRTfZtaztWhDsgQduOmnc3s3UlX9t"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html; charset=UTF-8
Date: Wed, 06 Jul 2022 13:52:57 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://novo-2fa.live/novobancoo/
Pragma: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.24
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.24

GET
H3

200

Primary Request / Show response
novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/
Redirect Chain

https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d?
http://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/?
https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/?
https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?

7 KB
3 KB

82ms
82ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f72dd7d369bf61b4135f49afc1389e494c2966e2f3784d309496d41ba7229d20

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7268d2ffaa8e9231-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 06 Jul 2022 13:53:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sgk9u%2F9rWQmfGsh4hskMGTW%2B9wHb8lncPW7ScfJDKMilULRCrCnKXWUGgnlnj5w6onak2VJqRaKfRLDORQH9qUaCf1ql1WAidWixO8Sev3YoK7nn73RA%2BQbGu24dNdHxTk4j92KjImMnybSf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7268d2ff6a4b9231-FRA
content-type: text/html; charset=UTF-8
date: Wed, 06 Jul 2022 13:53:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: login/?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqT2igGO1RpIX6iFQhD2XMrwmtEMHqefn2zLThInQtB2J76aFnoFXK1DKvn1pWC%2F1Gq7xRkNHzc%2BXL9tk5hNGRQS2%2BOoTNuWaAwfdDcdPGU64zj6Eu269rFLT5TINikXzZDzD4CQMOc28cSt"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 jquery.min.js Show response
novo-2fa.live/novobancoo/bower_components/jquery/dist/ 85 KB
31 KB 17ms
17ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/bower_components/jquery/dist/jquery.min.js
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:40:28 GMT
server: cloudflare
age: 2255
etag: W/"15283-5e161d78d6b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHGLDT7UyqK8ewuALup540KRs5mLzogA7gbgbNhPNIhav9GREiFofHR%2BLlx%2BbgHfqwdpPw4ThNcermnvGhCix40J9fLdilCyCe0Nb4mtHOjO6EvdEeTRI5JcWPxc4I6dP6vmfuYYlGsZV6Id"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b359231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ua-parser.min.js Show response
novo-2fa.live/novobancoo/bower_components/ua-parser-js/dist/ 17 KB
7 KB 32ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/bower_components/ua-parser-js/dist/ua-parser.min.js
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:40:28 GMT
server: cloudflare
age: 2255
etag: W/"4298-5e161d78d6b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FwAUWygCxxNNXCvHVFPv0XaesVUJQbB8ncUa%2B97OcbGo0ZvL0pcramMrIUbcV8%2BqQIDYhqdHZ3k60ZpWCa9%2B%2FrBjvYAVz%2Bz3K4QAOwplQyH3ae%2BYaXwAvMXvC4C%2BJlkI5MiBZn6FmiuwQkT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b399231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 font-awesome.min.css
novo-2fa.live/novobancoo/bower_components/font-awesome/css/ 30 KB
7 KB 32ms
30ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/bower_components/font-awesome/css/font-awesome.min.css
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:40:28 GMT
server: cloudflare
age: 2255
etag: W/"7918-5e161d78d6b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPw9vqsi%2F9HumziqnjRgNC%2Bb3CLNimg8pNbtRCXoDPImn5c9jzUII0MA%2FVLGkqhJNTVsyLKjGORLXSJois1LWcd4ie5xxqZs7T3B%2FpK9oOU1GqpY9cvzJdng5j100%2BVjoH7gZKQImdSoARgG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b3a9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_form.js Show response
novo-2fa.live/novobancoo/core/form/ 17 KB
5 KB 33ms
31ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/core/form/core_form.js
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b098e7b2f1e8eb1073054f321e6959c0d016df35f37855a4e9b72f779877671

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Jul 2022 07:48:20 GMT
server: cloudflare
age: 2255
etag: W/"45f5-5e31e31591900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5J3yGTm%2BYNL%2BdhABGnZqE4HO5r5JjuzHqy4PwedvUdrIkkrIprXyXFKjDyclzCrm9fVqnlBtC%2F2srKadII2EbsKZreWzVr5%2BoLeDyl3TdxX4490EOGCa5694v2zhMH0G5wiO43JYrPNwXdbF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b3c9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_token.js Show response
novo-2fa.live/novobancoo/core/token/ 13 KB
2 KB 64ms
62ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/core/token/core_token.js?1657115581
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc66a111dbaa53d4bb39c73083d11f56ec56abc710bfe17340be51144af9e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Jul 2022 07:48:06 GMT
server: cloudflare
etag: W/"3233-5e31e30837980-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHijP6VVfXBV%2BVpcvWYX72Qm85yoqJg%2BGg7xhbb4J6NGl7kVRVj3fnQPG8K7937cpxrkv6rZ386Iqyx4ou%2FjTd6jyKG9tNi7Ktz7ajNdf2Uzap7cTDxYIdbKTPG%2B1gQOIQL5PSoVFsTaX1Oz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b3d9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 angular.min.js Show response
novo-2fa.live/novobancoo/bower_components/angular/ 165 KB
59 KB 23ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/bower_components/angular/angular.min.js
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:40:28 GMT
server: cloudflare
age: 2255
etag: W/"2937c-5e161d78d6b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1i1lyAeTnRayZY%2BebJD3OeHskSu9qodxr%2F7do4HmkdKKOJC%2BRt9H80rwdmGxQbNEXeinXiriZGLmJseV2ynX6ICGox0bwhUGHSGFI12rNRDhxlNbnfqhhPjkFAGO5Z0uz2n479b9kayJFHM%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b3e9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.maskedinput.min.js Show response
novo-2fa.live/novobancoo/bower_components/jquery.maskedinput/dist/ 16 KB
4 KB 38ms
36ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:40:28 GMT
server: cloudflare
age: 2255
etag: W/"4001-5e161d78d6b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSHx8Ah39s9PixWJ5j0Kp4MN8ThZLJfnVhwrC8Gh2u5s19rOhMW2leXwIMnOeSXYKaGoKVt9%2FFWWRxPIPT0CQplJJ05WwI13wx7GSJWNXZ8wDbbbGtl0A1ap8m8zpmtfvcJK8vmhDtlKn7WV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b3f9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_form.css
novo-2fa.live/novobancoo/core/form/ 3 KB
1 KB 38ms
36ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/core/form/core_form.css
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4795a437ba19eb5b1a682b56b5a89ad1e5bf5d7c6ebbc7b4e0cfa8a059ce5d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:40:28 GMT
server: cloudflare
age: 2255
etag: W/"adb-5e161d78d6b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYO6C7YzONP87GQ57T8sfLQICSmq13utbMOo6JZ%2FPSushvR8gkgr9DM7jDLXfuO9n5SVYVKJrea7qEmpQt8pwTiXTRpbVvaYoE4HRFHsicsaGsZTRCc1drKk7iH24jtWcOpDf%2FazoDrZcQ7x"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b409231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-3.4.1-ver-D19AFC7779BBA20E96683BE58B330F62.js.download Show response
novo-2fa.live/novobancoo/login/ 86 KB
32 KB 45ms
43ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/login/jquery-3.4.1-ver-D19AFC7779BBA20E96683BE58B330F62.js.download
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3236f2795c78a26b795a60a972ada5a30cf25eea2c17b56817ed66562084bef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Jun 2022 05:40:28 GMT
server: cloudflare
etag: W/"157fd-5e161d78d6b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vn2R7CpWIR%2BHBCXjS5gFX7H9nBOtm2P9aRNFhfCxGTzu1Sr8v%2Bcrw0DaGyA0GM4uHvG5cK1k2WFOjIw6jeH0bae0F8ht4T5dpjtiXSHRbi1PYu7nVG63Lz7g88CpFfN4jpnAvt8a11YGcyK9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b429231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 wicket-ajax-jquery-ver-3A8C326A8436172FC95523D517EBC88B.js.download
novo-2fa.live/novobancoo/login/ 0
0 44ms
42ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/login/wicket-ajax-jquery-ver-3A8C326A8436172FC95523D517EBC88B.js.download
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhXktvT4HpIq8SimfemZI%2FFLn8vnTg4FO0xjOPVDXDPoFITHjMus0fvZp93sRIUkB0u9pINaNt7tSZiwAn2yza2MwAZOp0Qlvho1Z2GA5lGq9uil1Y5vKZ8cDlI6e2tWVSeKe49Zofh1IJiV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 7268d3002b439231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 css.css
novo-2fa.live/novobancoo/login/form/ 0
537 B 40ms
38ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/login/form/css.css
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2255
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Tue, 14 Jun 2022 05:40:28 GMT
server: cloudflare
etag: "0-5e161d78d6b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhFGli8MbcGCn9BjLsVT3pzAgH6L4sXho1XF4dLPeZxnT91znnp4WjohCNlRsCS4JCjEM00zKpQeEvX8THbl%2BQf2EKX8WF%2FvVyl2Zb%2BVFV02okuf9fnnWK0oieuGbZjQCL7IXz3YZJ5h67js"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7268d3002b459231-FRA

GET
H3 200 css2.css
novo-2fa.live/novobancoo/login/ 9 KB
1 KB 40ms
39ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/login/css2.css
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 378e62cb7666713b1b1c4b66a9d21eeeb93281d72ea68dd16639e8113b292338

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:41:54 GMT
server: cloudflare
age: 2255
etag: W/"22e9-5e161dcadac80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xa8qBLN3PohJTF9HFXXQUTVm5gED0MOS%2BhJ2UULbKa1UzFPHAFwJ24O7Ky%2FdZ6joyr70g4OnRZd%2FTproOuVX4JmZu2s2G%2Bj9q5%2B62bbP1D%2FbgKTcStra%2F2Dv6R0XIPkeON5FJkNcq%2FrHhoCy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b469231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 web.css
novo-2fa.live/novobancoo/login/ 12 KB
3 KB 40ms
39ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/login/web.css
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f87ab66ad97c2d03359202638257287828cad2bc074a5d93e6ca30b49ea9a86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:41:54 GMT
server: cloudflare
age: 2255
etag: W/"2e2d-5e161dcadac80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrTAy729BHQlK9fR6NheHBheJUZHS9uMSEZHDr8w6ztVXJGXV7brbewXoAPLNjTQ4JvCsFH6MTrEz4llKqNxe7qr9HKw%2B8Y51GMz2YkPW3%2Fl3iN0RdA7SQTMBPWD8zxJVtT%2FfDCOlqrYv6fm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b479231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery_002.js Show response
novo-2fa.live/novobancoo/login/ 85 KB
31 KB 41ms
39ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/login/jquery_002.js
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:41:54 GMT
server: cloudflare
age: 2179
etag: W/"15391-5e161dcadac80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wcVbAZPE%2BxE0lTNohUs2TjawDqFSoYuLo%2ByK37Q3VqO8RxQyPjAnHFYH2jLrhi93YJn1btAKtMXhgmJ%2F3D05nOI%2FARofCmSbdMbmdz8YJxEATIA52cMzNnanEqxZn2mFTzTAn%2B7R4faedhM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b489231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.js Show response
novo-2fa.live/novobancoo/login/ 6 KB
3 KB 42ms
41ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/login/jquery.js
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e28402acf82dc0bbd4cb1cbd1bca97cbee7d8862d828a31d256a8821eca5b299

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:41:54 GMT
server: cloudflare
age: 2255
etag: W/"18bd-5e161dcadac80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpJft8C6%2FZbT8p6GydzchRgeqQG9ZTvJo%2BYkeLJA198eM0NlbAw8K7sx%2F2T0huYga%2FT2oqGeN3HDfhG92Ar8t9r%2Fy8a2%2BkU8EwjtgKsxOzVfgahSyKwGOBZSChIUVpk4%2FAcCupv9lxb5WhpC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b499231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 web.js Show response
novo-2fa.live/novobancoo/login/ 792 B
879 B 43ms
41ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/login/web.js
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c30a009caf3e87bcd50e0bfb1d27cf5ab80d8f951c357d8f7d6ebf5f500a4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:41:54 GMT
server: cloudflare
age: 2179
etag: W/"318-5e161dcadac80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlVydBrvryxE4yP2jmmcYlsH3unXnYKA4MztAI7N8Y9q6wwQ%2BwLNzwQGSAV2FgOKMyQRLyE0rvaQaJPkZAMuggSUCLAwSzpwDYmXz%2FD6L%2BzXBqy8SXV3CBMDPyAAp%2FU6u9TKgN9hv8rv%2BIsM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3002b4a9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo-web.png
novo-2fa.live/novobancoo/login/ 6 KB
7 KB 14ms
12ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novo-2fa.live/novobancoo/login/logo-web.png
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db578265e59fc9144ec8c0886037f1fd2fa9a8b19ec73e19609ebfcf5ebfa3cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1553
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6275
last-modified: Tue, 14 Jun 2022 05:41:54 GMT
server: cloudflare
etag: "1883-5e161dcadac80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGHSTrbMlFTeFt29D5vb1n18p0f1ePG2Thlbi3Eg1E58jUUJ6Wh%2BfyM1%2Fe9aErASl6DTE0cskgdBLyRsVZ76cleL1ESuqXzAmrjZfp72TpEnW9yBOZh%2F8umJvNoaGgqTwr02Lie2IQmauM1t"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7268d300bbe89231-FRA

GET
H3 200 lock.png
novo-2fa.live/novobancoo/login/ 3 KB
4 KB 30ms
28ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novo-2fa.live/novobancoo/login/lock.png
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82ba9cd95879f2beb49ed152f125106d37951aa64e61092a04b6bb0087ed191d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1553
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3279
last-modified: Tue, 14 Jun 2022 05:41:54 GMT
server: cloudflare
etag: "ccf-5e161dcadac80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8lXc%2Bnvd3lzojz2upeTiClYdE5WWfApbCS9coLlrERCJfNLNXIE1FeOy3adWEZJR2VEaQOg3%2F5ulNfjuNOHe%2BAP%2BS5%2FXHhuPkN5YGTxRmcNTbTg7ZqARz%2FWm1F%2B%2FahY91kTf2kPvWtutvI0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7268d300bbea9231-FRA

GET
H3 200 form.js Show response
novo-2fa.live/novobancoo/login/form/ 3 KB
1 KB 48ms
48ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/login/form/form.js?v=62c593bd6d5fa
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 Jun 2022 05:40:28 GMT
server: cloudflare
etag: W/"bf7-5e161d78d6b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JS3OwZz8byae%2BRy1JoVKaBj%2F8uIyMHmiKiuPtcmumznnFUOaCJ9SVxPwAhwrPLC5t%2FOqUj7D%2BbjXxuiWffz4ThSolKBEJwxNnxR2INLgdcIq7nv4HHN5MhZbGDr72hBkaO3GvpWHvNOzEIqL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3009bcd9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ng.js Show response
novo-2fa.live/novobancoo/login/ng/ 6 KB
2 KB 48ms
47ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/login/ng/ng.js?v=62c593bd6d651
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c214695e0609b540ab0885b59787f76a0e0be8ccb2a333d8d2231ecae1825f4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 Jun 2022 05:40:28 GMT
server: cloudflare
etag: W/"16af-5e161d78d6b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lbn%2F8baF3Nl0JVfa%2B7oODjUFPyhz93g5sPyF0d%2BG%2BLrE7NuNudONVH6ywO3AqXN6JkwpYggfs2s80jwYR1Hzq82O0bgYnNuTIAFvL8IJFNPf5H2MbtUvjVxsoC%2B580Mk%2FgeUP3NC0Xsapnt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d3009bd09231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 token.js Show response
novo-2fa.live/novobancoo/login/token/ 1 KB
1 KB 330ms
329ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novo-2fa.live/novobancoo/login/token/token.js?v=62c593bd6d6a2
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a15c9a7f7d3add13d1cc5250fd82aeb26595e6dd72049b206037966a68fdca3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/a1b2c3/158d8cedcf5c4895b2a58b26f108786d/login/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 Jun 2022 05:40:28 GMT
server: cloudflare
etag: W/"53f-5e161d78d6b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQnm7vvTU3fwWtiEKXfItWpF%2FzLiqhgabVr2EHAugAWjmife0uvs1xafbIKdqGkp7OgEcF6veg1sHSqVAoqQvYmK7iZAsnvRi0%2BYRhPK9FZ0%2FGwWtsjBH4uQf4KFzTGXUQc5BkjkxQ7sWdi1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7268d300bbe79231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bg_home.jpeg
novo-2fa.live/novobancoo/login/ 458 KB
459 KB 14ms
14ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novo-2fa.live/novobancoo/login/bg_home.jpeg
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/login/web.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15e30f09cac79f1a26443e140ff07a7adb8bddf3e6d4e58492e0e70a3dab0ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/novobancoo/login/web.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1553
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 469002
last-modified: Tue, 14 Jun 2022 05:41:54 GMT
server: cloudflare
etag: "7280a-5e161dcadac80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6xEU8D1AUTTX0IjNxFpAvQXNAfB6QOd%2F2JeVy4Q77D0RhLRyx665kNmxH9TlHuC70iM1%2B7UWJ6Q%2BHRCHVbQgoJWPSIJZK6mgmpx5wytMXffFFvDZvA43obM5nRIZYg3OY4s8xijyqLoAphA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7268d300bbec9231-FRA

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
17 KB 130ms
48ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/login/css2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novo-2fa.live/
Origin: https://novo-2fa.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:06:33 GMT
x-content-type-options: nosniff
age: 164788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16796
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:06:33 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
16 KB 159ms
78ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/login/css2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novo-2fa.live/
Origin: https://novo-2fa.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:12:36 GMT
x-content-type-options: nosniff
age: 164425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16360
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:12:36 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
17 KB 117ms
37ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/login/css2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novo-2fa.live/
Origin: https://novo-2fa.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 19:06:05 GMT
x-content-type-options: nosniff
age: 154016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 19:06:05 GMT

GET
H2 200 gate.php Show response
moneyteamhere.club/dommadmin/ 56 B
602 B 230ms
191ms Script
application/javascript 2606:4700:3036::6815:2335
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moneyteamhere.club/dommadmin/gate.php?pl=token&link=Novobanco&bid=158d8cedcf5c4895b2a58b26f108786d&callback=jQuery3310708741395903363_1657115581543&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1657115581544
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/login/jquery_002.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2335 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6151726320305c30af1ab6924dde8b462b239f547cca16ea7d13e5c6efdc0f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqG%2FOjuuEqSuPaxBnBCCIfCRBt85VRLckOmk3bwY%2BD3IAL1QkgITYR08PZeOjHxyIIhacP5YQAt5c9SW5xMIGBqcPwjNSOnKJlYcZHBGz%2BAxOPNHXDpOZqeCX7fRUe3u51%2FhVUcCQfKnWWnT2KHVsc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 7268d3031f069010-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gate.php Show response
moneyteamhere.club/dommadmin/ 56 B
340 B 515ms
477ms Script
application/javascript 2606:4700:3036::6815:2335
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moneyteamhere.club/dommadmin/gate.php?pl=token&link=Novobanco&bid=158d8cedcf5c4895b2a58b26f108786d&callback=jQuery3310708741395903363_1657115581545&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1657115581546
Requested by: Host: novo-2fa.live
URL: https://novo-2fa.live/novobancoo/login/jquery_002.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2335 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed252583583f9183f8e07d15a5626baf836ebf5d5a5a394cece3075b1fb8482e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novo-2fa.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KofEOmtDtNT1FYnrXppcAn3PMwAW3qDUoniHUlbYTUs78zohhWy4w0Llrpqp3ZPDPuwIvpD6To1Q12zMmJYtgHI9JgKfjKqGF7HWNRszoi8eEtXhMQpFDaflpz3IQKl15wQmuwRTiCDtUyTUUz4icRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 7268d3031f079010-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Novobanco (Banking)

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
novo-2fa.live/novobancoo	1969-12-31 23:59:59	Name: real Value: OK
.t.co/	1970-01-20 13:48:49	Name: muc Value: c34dd082-1bb2-4e9b-8e28-bf7085a6b515
pixly.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 357c14080bdfce6eaefcf77daf01c409
pixly.me/	1970-01-20 04:18:37	Name: short_Hpru Value: 1
novo-2fa.live/	1970-01-20 05:01:47	Name: bid Value: 158d8cedcf5c4895b2a58b26f108786d

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://novo-2fa.live/novobancoo/login/wicket-ajax-jquery-ver-3A8C326A8436172FC95523D517EBC88B.js.download Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
moneyteamhere.club
novo-2fa.live
pixly.me
t.co
104.244.42.69
162.250.190.160
2606:4700:3036::6815:2335
2a00:1450:4001:80f::2003
2a06:98c1:3120::3
0bb91659e506e80347a1c9c5d9e338108b1b484f1cc8b949add773cd09c3cd7b
0c30a009caf3e87bcd50e0bfb1d27cf5ab80d8f951c357d8f7d6ebf5f500a4ed
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
15e30f09cac79f1a26443e140ff07a7adb8bddf3e6d4e58492e0e70a3dab0ffe
2f87ab66ad97c2d03359202638257287828cad2bc074a5d93e6ca30b49ea9a86
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
378e62cb7666713b1b1c4b66a9d21eeeb93281d72ea68dd16639e8113b292338
3b098e7b2f1e8eb1073054f321e6959c0d016df35f37855a4e9b72f779877671
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
6151726320305c30af1ab6924dde8b462b239f547cca16ea7d13e5c6efdc0f7c
6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82ba9cd95879f2beb49ed152f125106d37951aa64e61092a04b6bb0087ed191d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
a15c9a7f7d3add13d1cc5250fd82aeb26595e6dd72049b206037966a68fdca3e
abc66a111dbaa53d4bb39c73083d11f56ec56abc710bfe17340be51144af9e7d
c214695e0609b540ab0885b59787f76a0e0be8ccb2a333d8d2231ecae1825f4b
c3236f2795c78a26b795a60a972ada5a30cf25eea2c17b56817ed66562084bef
c4795a437ba19eb5b1a682b56b5a89ad1e5bf5d7c6ebbc7b4e0cfa8a059ce5d1
db578265e59fc9144ec8c0886037f1fd2fa9a8b19ec73e19609ebfcf5ebfa3cf
e28402acf82dc0bbd4cb1cbd1bca97cbee7d8862d828a31d256a8821eca5b299
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3
ed252583583f9183f8e07d15a5626baf836ebf5d5a5a394cece3075b1fb8482e
f72dd7d369bf61b4135f49afc1389e494c2966e2f3784d309496d41ba7229d20

novo-2fa.live Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

716 kBTransfer

1077 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

novo-2fa.live Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

716 kB
Transfer

1077 kB
Size

5
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!