nbgservice-help.com Open in urlscan Pro
34.118.0.86 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nbgservice-help.com/
Effective URL:
https://nbgservice-help.com/Login.php
Submission: On May 22 via api (May 22nd 2022, 12:06:37 pm UTC) from JP — Scanned from JP

Summary HTTP 20 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 20 HTTP transactions. The main IP is 34.118.0.86, located in Warsaw, Poland and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is nbgservice-help.com.
TLS certificate: Issued by R3 on May 18th 2022. Valid for: 3 months.

This is the only time nbgservice-help.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NatWest (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 21	34.118.0.86 34.118.0.86		396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
20	1

21 34.118.0.86 (Warsaw, Poland) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 86.0.118.34.bc.googleusercontent.com

nbgservice-help.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	nbgservice-help.com 1 redirects nbgservice-help.com	960 KB
20	1

	Domain	Requested by
21	nbgservice-help.com	1 redirects nbgservice-help.com
20	1

This site contains links to these domains. Also see Links.

Domain
www.nwolb.com
www.natwest.com
personal.natwest.com
onetrust.com

Subject Issuer	Validity	Valid
nbgservice-help.com R3	`2022-05-18` - `2022-08-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nbgservice-help.com/Login.php
Frame ID: 7763D25A83F06CF7AFC49F6273F218C3
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to Online Banking Back ButtonSearch IconFilter IconArrow

Page URL History Show full URLs

https://nbgservice-help.com/ HTTP 302
https://nbgservice-help.com/Login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

960 kB
Transfer

955 kB
Size

1
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nwolb.com/login.aspx
Title: Return to start of screen / Access key details

Search URL Search Domain Scan URL

URL: https://www.nwolb.com/login.aspx#menu
Title: Skip to Menu

Search URL Search Domain Scan URL

URL: https://www.nwolb.com/login.aspx#content
Title: Skip to main content

Search URL Search Domain Scan URL

URL: https://www.natwest.com/premier
Title: Premier

Search URL Search Domain Scan URL

URL: https://www.natwest.com/business.ashx
Title: Business

Search URL Search Domain Scan URL

URL: https://www.natwest.com/corporate
Title: Corporate

Search URL Search Domain Scan URL

URL: https://www.natwest.com/international.ashx
Title: International

Search URL Search Domain Scan URL

URL: https://www.natwest.com/

Search URL Search Domain Scan URL

URL: https://www.natwest.com/AOhome
Title: Products

Search URL Search Domain Scan URL

URL: https://www.natwest.com/AOsupport
Title: Support

Search URL Search Domain Scan URL

URL: https://www.natwest.com/AOlifemoments
Title: Life Moments

Search URL Search Domain Scan URL

URL: https://www.natwest.com/onlineguide
Title: Show me how to…

Search URL Search Domain Scan URL

URL: https://www.nwolb.com/Login.aspx
Title: Log in

Search URL Search Domain Scan URL

URL: https://personal.natwest.com/personal/fraud-and-security/fraud-guide/telephone-fraud.html

Search URL Search Domain Scan URL

URL: https://www.natwest.com/FSCSbrochure

Search URL Search Domain Scan URL

URL: https://www.nwolb.com/help.aspx?id=CN1
Title: Forgotten your customer number?

Search URL Search Domain Scan URL

URL: https://www.nwolb.com/Default.aspx?InnerPage=OLE
Title: Sign up here

Search URL Search Domain Scan URL

URL: https://www.nwolb.com/TermsAndConditions.aspx
Title: Legal Info

Search URL Search Domain Scan URL

URL: https://www.natwest.com/tools/general/nwolb_legals/security.htm
Title: Security

Search URL Search Domain Scan URL

URL: https://www.nwolb.com/cookiesPolicy.aspx
Title: Privacy & Cookies

Search URL Search Domain Scan URL

URL: https://www.natwest.com/tools/general/nwolb_legals/accessibility.htm
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://www.nwolb.com/login.aspx?refererIdent=C0D374D305343333CF060729101BCF4318355E81&CookieCheck=2022-08-19T15:28:42
Title: View Privacy Notice

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nbgservice-help.com/ HTTP 302
https://nbgservice-help.com/Login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Login.php Show response nbgservice-help.com/ Redirect Chain https://nbgservice-help.com/ https://nbgservice-help.com/Login.php	268 KB 269 KB	277ms 277ms	Document text/html	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://nbgservice-help.com/Login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `91e97bc3ae7e0ba5b63a0dbe92803d4b75ba5a01b69a60277936a5b6a5aaf575` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Sun, 22 May 2022 12:06:30 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache Transfer-Encoding chunked Redirect headers Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Sun, 22 May 2022 12:06:29 GMT Keep-Alive timeout=5, max=100 Server Apache location Login.php
GET H/1.1	200 OK	master.css nbgservice-help.com/nu_filez/css/	238 KB 238 KB	269ms 268ms	Stylesheet text/css	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://nbgservice-help.com/nu_filez/css/master.css Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/Login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `b219825ac314d72c5e00b184dc8a4216a2fded34a5259ec133d3bc6fd8a11260` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/Login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:30 GMT Last-Modified Wed, 19 Aug 2020 17:50:10 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 243837
GET H/1.1	200 OK	master_mobile.css nbgservice-help.com/nu_filez/css/	59 KB 59 KB	805ms 269ms	Stylesheet text/css	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://nbgservice-help.com/nu_filez/css/master_mobile.css Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/Login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `baa20494a5b43107d7e50b18d5644163dfef7524ae3d6c513c567418edf613dd` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/Login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:30 GMT Last-Modified Mon, 31 Jan 2022 19:28:54 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 60540
GET H/1.1	200 OK	npc.css nbgservice-help.com/nu_filez/css/	50 KB 50 KB	810ms 270ms	Stylesheet text/css	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://nbgservice-help.com/nu_filez/css/npc.css Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/Login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `e6d03fb291fdf6036e3e04726f771d360b19353c35f10549b263e50e1f07a420` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/Login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:30 GMT Last-Modified Wed, 19 Aug 2020 17:50:04 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 50960
GET H/1.1	200 OK	overlayPromptMaster.css nbgservice-help.com/nu_filez/css/	1 KB 2 KB	819ms 270ms	Stylesheet text/css	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://nbgservice-help.com/nu_filez/css/overlayPromptMaster.css Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/Login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `42e70c32efffee33a1d8bddf152d6b754fa8abb83c6166444b8d41b217d9dae6` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/Login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:30 GMT Last-Modified Wed, 19 Aug 2020 12:29:34 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1378
GET H/1.1	200 OK	overlayPrompt.css nbgservice-help.com/nu_filez/css/	76 B 316 B	832ms 274ms	Stylesheet text/css	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://nbgservice-help.com/nu_filez/css/overlayPrompt.css Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/Login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `ef7db794b4a6b5c42d2535919d91fb11da1e5cd1147f35196db382197b35fdee` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/Login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:30 GMT Last-Modified Wed, 19 Aug 2020 12:29:34 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 76
GET H/1.1	200 OK	jquery.js Show response nbgservice-help.com/nu_filez/js/	266 KB 266 KB	362ms 271ms	Script application/javascript	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://nbgservice-help.com/nu_filez/js/jquery.js Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/Login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `84086bb634fc6fd223918894c6b74641811e06e84007937c5809942b7a02ddff` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/Login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:31 GMT Last-Modified Sat, 24 Aug 2019 04:25:18 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 272153
GET H/1.1	200 OK	n-w-logo.svg nbgservice-help.com/nu_filez/img/	5 KB 5 KB	272ms 272ms	Image image/svg+xml	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://nbgservice-help.com/nu_filez/img/n-w-logo.svg Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/Login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `668faa210a0e0cabb9aa13a1a6ad4e3b22b0f9cad90c43694ba37a8a4714b0e6` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/Login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:31 GMT Last-Modified Wed, 19 Aug 2020 12:41:22 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4874
GET H/1.1	200 OK	nw-security-banner-vishing-194x443.gif nbgservice-help.com/nu_filez/img/	14 KB 14 KB	272ms 272ms	Image image/gif	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://nbgservice-help.com/nu_filez/img/nw-security-banner-vishing-194x443.gif Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/Login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `1aea65aeda4e39957158bacd84556ed7a77ab468265e2a163265b346b7f60965` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/Login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:31 GMT Last-Modified Wed, 19 Aug 2020 12:29:40 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 14375
GET H/1.1	200 OK	FSCS_Protected_Logo.png nbgservice-help.com/nu_filez/img/	6 KB 6 KB	271ms 270ms	Image image/png	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://nbgservice-help.com/nu_filez/img/FSCS_Protected_Logo.png Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/Login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `f2b557317fb851b3ed73c2d8203192e9ed433bd006ca5025ccb3317ef15e1b8d` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/Login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:32 GMT Last-Modified Wed, 19 Aug 2020 12:29:40 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 5679
GET H/1.1	200 OK	error-marker.png nbgservice-help.com/nu_filez/img/	1 KB 1 KB	271ms 271ms	Image image/png	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://nbgservice-help.com/nu_filez/img/error-marker.png Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/Login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `27f324f2ad60091d5e8f76adfef83f9122dc8aa8df29d0a8d970bfe06aaa5005` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/Login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:32 GMT Last-Modified Wed, 19 Aug 2020 12:29:40 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1090
GET H/1.1	200 OK	white-lock.png nbgservice-help.com/nu_filez/img/	285 B 526 B	270ms 270ms	Image image/png	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://nbgservice-help.com/nu_filez/img/white-lock.png Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/nu_filez/css/npc.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `b465d00b89619e9899ec7d618559157db09f935d318466d67deb036157fadcf2` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/nu_filez/css/npc.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:32 GMT Last-Modified Wed, 19 Aug 2020 12:40:48 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 285
GET H/1.1	200 OK	RNHouseSansW05-Regular.woff2 nbgservice-help.com/nu_filez/fonts/	21 KB 21 KB	269ms 268ms	Font font/woff2	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://nbgservice-help.com/nu_filez/fonts/RNHouseSansW05-Regular.woff2 Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/nu_filez/css/master.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `9be8b2c42ad2d6f7327f62a7d03995a5a4615770154941d59493473186e5140c` Request headers Referer https://nbgservice-help.com/nu_filez/css/master.css Origin https://nbgservice-help.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:32 GMT Last-Modified Wed, 19 Aug 2020 12:30:10 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 21572
GET H/1.1	404 Not Found	li5_outer_frame_top_curve.gif nbgservice-help.com/nu_filez/images/	315 B 315 B	273ms 272ms	Image text/html	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://nbgservice-help.com/nu_filez/images/li5_outer_frame_top_curve.gif Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/nu_filez/css/master.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/nu_filez/css/master.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:32 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	radio-selected.png nbgservice-help.com/nu_filez/img/	2 KB 2 KB	273ms 273ms	Image image/png	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://nbgservice-help.com/nu_filez/img/radio-selected.png Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/nu_filez/css/npc.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `d81db57832f4742b67755f90f8c3d37735cb9f58dbb10e312f931343d27552c6` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/nu_filez/css/npc.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:32 GMT Last-Modified Wed, 19 Aug 2020 12:43:34 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1633
GET H/1.1	200 OK	combined-shape.png nbgservice-help.com/nu_filez/img/	359 B 600 B	268ms 267ms	Image image/png	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://nbgservice-help.com/nu_filez/img/combined-shape.png Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/nu_filez/css/npc.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `d1c878b4e69d9da5292c53b1f46708de74c435144895bdfd697208406466a814` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/nu_filez/css/npc.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:32 GMT Last-Modified Wed, 19 Aug 2020 14:51:30 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 359
GET H/1.1	200 OK	radio-normal.png nbgservice-help.com/nu_filez/img/	1 KB 2 KB	496ms 270ms	Image image/png	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://nbgservice-help.com/nu_filez/img/radio-normal.png Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/nu_filez/css/npc.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `1ec277d20cb0b2b9d72322f3cc32d988435978a6a8f72b28e0f8ac8b1bf17a72` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/nu_filez/css/npc.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:32 GMT Last-Modified Wed, 19 Aug 2020 12:43:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1317
GET H/1.1	200 OK	check-box.png nbgservice-help.com/nu_filez/img/	157 B 398 B	273ms 272ms	Image image/png	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://nbgservice-help.com/nu_filez/img/check-box.png Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/nu_filez/css/npc.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `d2955b58d801a021737f025d1716a68fd2a143ddac3e0b749fcc053deba6e082` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/nu_filez/css/npc.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:32 GMT Last-Modified Wed, 19 Aug 2020 12:48:00 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 157
GET H/1.1	200 OK	down-chevron.png nbgservice-help.com/nu_filez/img/	295 B 536 B	273ms 271ms	Image image/png	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://nbgservice-help.com/nu_filez/img/down-chevron.png Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/nu_filez/css/npc.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `4f5a022467e927b5b385cc335e58434a49bad0520ed018fc059075069d695c79` Request headers accept-language jp-JP,jp;q=0.9 Referer https://nbgservice-help.com/nu_filez/css/npc.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:32 GMT Last-Modified Wed, 19 Aug 2020 13:20:20 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 295
GET H/1.1	200 OK	RNHouseSansW05-Bold.woff2 nbgservice-help.com/nu_filez/fonts/	22 KB 22 KB	297ms 270ms	Font font/woff2	34.118.0.86 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://nbgservice-help.com/nu_filez/fonts/RNHouseSansW05-Bold.woff2 Requested by Host: nbgservice-help.com URL: https://nbgservice-help.com/nu_filez/css/master.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.118.0.86 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 86.0.118.34.bc.googleusercontent.com Software Apache / Resource Hash `ce64c0d35d4ad8fd2fa79ecd45d6db37982940958b7f51448b697bad342ce55b` Request headers Referer https://nbgservice-help.com/nu_filez/css/master.css Origin https://nbgservice-help.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Sun, 22 May 2022 12:06:32 GMT Last-Modified Wed, 19 Aug 2020 12:30:04 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 22184

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NatWest (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nbgservice-help.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 56e315f5445b66031ce973f0639b9c28

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nbgservice-help.com/nu_filez/images/li5_outer_frame_top_curve.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nbgservice-help.com
34.118.0.86
1aea65aeda4e39957158bacd84556ed7a77ab468265e2a163265b346b7f60965
1ec277d20cb0b2b9d72322f3cc32d988435978a6a8f72b28e0f8ac8b1bf17a72
27f324f2ad60091d5e8f76adfef83f9122dc8aa8df29d0a8d970bfe06aaa5005
42e70c32efffee33a1d8bddf152d6b754fa8abb83c6166444b8d41b217d9dae6
4f5a022467e927b5b385cc335e58434a49bad0520ed018fc059075069d695c79
668faa210a0e0cabb9aa13a1a6ad4e3b22b0f9cad90c43694ba37a8a4714b0e6
84086bb634fc6fd223918894c6b74641811e06e84007937c5809942b7a02ddff
91e97bc3ae7e0ba5b63a0dbe92803d4b75ba5a01b69a60277936a5b6a5aaf575
9be8b2c42ad2d6f7327f62a7d03995a5a4615770154941d59493473186e5140c
b219825ac314d72c5e00b184dc8a4216a2fded34a5259ec133d3bc6fd8a11260
b465d00b89619e9899ec7d618559157db09f935d318466d67deb036157fadcf2
baa20494a5b43107d7e50b18d5644163dfef7524ae3d6c513c567418edf613dd
ce64c0d35d4ad8fd2fa79ecd45d6db37982940958b7f51448b697bad342ce55b
d1c878b4e69d9da5292c53b1f46708de74c435144895bdfd697208406466a814
d2955b58d801a021737f025d1716a68fd2a143ddac3e0b749fcc053deba6e082
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d81db57832f4742b67755f90f8c3d37735cb9f58dbb10e312f931343d27552c6
e6d03fb291fdf6036e3e04726f771d360b19353c35f10549b263e50e1f07a420
ef7db794b4a6b5c42d2535919d91fb11da1e5cd1147f35196db382197b35fdee
f2b557317fb851b3ed73c2d8203192e9ed433bd006ca5025ccb3317ef15e1b8d

nbgservice-help.com Open in urlscan Pro 34.118.0.86 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

960 kBTransfer

955 kBSize

1 Cookies

23 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

nbgservice-help.com Open in urlscan Pro
34.118.0.86 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

960 kB
Transfer

955 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!