ScanMalware.com

Security Scan Report: nubis-validado.vercel.app

Site favicon
Submitted: Dec 4, 2025, 9:07:23 AMCompleted: Dec 4, 2025, 9:08:22 AMpubliccompleted
Loading additional data...

Summary

This website contacted 53 IPs in 3 countries across 13 domains to perform 29 HTTP transactions. The main domain is nubis-validado.vercel.app.

Submitted URL: https://nubis-validado.vercel.app/

AI Security Verdict

High Risk

Confidence: 92%

10
Risk Score

Site impersonates Nubank and harvests CPF on a new untrusted domain – high‑risk phishing.

Risk Factors
Brand impersonation
Collection of sensitive personal data (CPF) on an untrusted domain
Circular redirect indicating possible URL manipulation
Newly registered / unranked domain
Potential credential harvesting
Domain age information unavailable

Details

Page Title

Nubаnk - Consulta de Indenizações

Scan Type

public

Language

🇵🇹

Portuguese

(80% confidence)

Category

finance banking

(72%)

Domain Information

The domain name 'nubis-validado.vercel.app' uses the application-focused generic top-level domain (.app), featuring subdomain 'nubis-validado'. The registrable portion 'vercel' spans 6 characters holding 2 vowels versus four consonants. Splitting it apart reveals two words: ver, cel. Expect three characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://nubis-validado.vercel.app/

Page Load Overview

0.78s
Total Load Time
29
HTTP Requests
13
Domains
2.0 MB
Total Size

Language Analysis

Primary Language

🇵🇹Portuguese
Code: pt
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:pt
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:pt-BR
Text Length:2,225 chars
Detector Agreement:80%

Website Classification

Primary Category

finance banking72% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
72%
government public service
58%
technology software
50%
news media journalism
43%
adult content
42%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
29172.67.68.221United States
AS13335CLOUDFLARENET
8216.198.79.67United States
AS16509AMAZON-02
5157.240.0.35Frankfurt am Main, Hesse, Germany
AS32934FACEBOOK
4172.67.184.158United States
AS13335CLOUDFLARENET
234.143.72.2United States
AS396982GOOGLE-CLOUD-PLATFORM
2157.240.0.6Frankfurt am Main, Hesse, Germany
AS32934FACEBOOK
134.250.112.44Dublin, Leinster, Ireland
AS16509AMAZON-02
1172.67.74.152United States
AS13335CLOUDFLARENET
165.9.175.81United States
AS16509AMAZON-02
1104.18.38.10United States
AS13335CLOUDFLARENET
2953--

Detected Technologies2

Vercel
40%
HSTS
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1E1A2C8342481187A752385F1E267F719A9BAC70FD52BEC49B3AC81A27FC9C5449437E8

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:Tw1LR5g5ddnm+wtmJLkn5pVRoeVVjBFIBcKBMW4B8cBfsngkAy:Twxg5dpdwtmJL+/VeIV1FWcUMWG8Sfs9

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:23093:mAwFBAiMGFghpoEGAAb0AwHg5iRicCDwCiicECiHCkUhgQL0AAI7GURAoChAQAIDiEAEYxhDk7A5CFqRuLGkBkgHBVAI4AeG

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffdf3b1991f9991f
Perceptual Hash:a9e496e23cc3856e
Difference Hash:c23d727333133b33
Wavelet Hash:ff9f1b010199990f
Color Hash:#361f93

Other Hashes

Crop Resistant:c23d727333133b33,9f112d2747079e06,c9d99323064ead18,01285661691a2401

Scan History

Scan history not available

Unable to load historical scan data