https://privovte.com/notes/
62.60.226.244 · Femo IT Solutions Limited
Frankfurt am Main, Germany
3 days ⚠
200 · 14.5s
Valid· YR2, Let's Encrypt, US
COMPLETED
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
privnote (likely typosquat on privovte.com)
Vendors
27/31
Status
partial
No KB/IOK detections were recorded for this scan.
technology | finance | ecommerce | other · 7/19/2026
The page on privovte.com/notes presents a note-sharing UI that visually clones Privnote branding (logo assets named privnote, page mentions self-destruct notes). Domain intelligence shows a typosquat proximity to Privnote (privovte vs privnote) and a very new domain (3 days old). The page includes a password field and an endpoint hint (notes/api/send.php) that could be used for data exfiltration. All signs point to impersonation attempts rather than a legitimate Privnote site, suggesting credential collection or data harvesting potential.
Capture
Stages: 2
Canonical: Settled Render
Changed: No
Credential Signals
Forms: 1
Password fields: 3
Late-stage login UI: No
Resource Signals
Resources: 8
Hosts: 1
Domains: 1
Suspicious Endpoints
hxxps://privovte[.]com/notes/
hxxps://privovte[.]com/notes/api/send.php
The scan indicates a high likelihood of impersonation involving Privnote branding on a typosquatted, newly-registered domain. Visual assets and page title align with Privnote’s concept of self-destructing notes, yet the hostname privovte.com is not Privnote’s official domain. The presence of a password field and a suspicious API endpoint heighten the risk of credential collection or data leakage. Given these indicators, this domain should be treated as abusive impersonation and blocked until provenance is clarified.
Suspend Domain