urlscan.io logo urlscan.io
SecurityTrails logo

nfinews.co.uk Open in urlscan Pro
104.16.208.86  Public Scan

Go To Rescan Add Verdict Report
URL: https://nfinews.co.uk/5KB-7BJUW-KWC8D7-4EV8HO-0/c.aspx
Submission: On April 16 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 104.16.208.86, located in United States and belongs to CLOUDFLARENET, US. The main domain is nfinews.co.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2020. Valid for: a year.
This is the only time nfinews.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.16.208.86 13335 (CLOUDFLAR...)
1 155.131.144.68 8698 (Nationwid...)
2 2
Apex Domain
Subdomains		 Transfer
1 nationwide.co.uk
www.nationwide.co.uk
1 nfinews.co.uk
nfinews.co.uk
892 B
2 2
Domain Requested by
1 www.nationwide.co.uk
1 nfinews.co.uk
2 2

This site contains links to these domains. Also see Links.

Domain
www.nationwide.co.uk
Subject Issuer Validity Valid
nfinews.co.uk
Cloudflare Inc ECC CA-3		 2020-08-12 -
2021-08-12		 a year crt.sh
nationwide.co.uk
DigiCert EV RSA CA G2		 2020-07-11 -
2021-10-17		 a year crt.sh

This page contains 1 frames:

Frame: https://www.nationwide.co.uk/-/media/MainSite/documents/about/house-price-index/2021/Mar_Q1_2021.pdf?utm_source=NFI&utm_medium=email&utm_campaign=12296264_April%20Newsletter%2008.04.2021&dm_i=5KB,7BJUW,KWC8D7,TP5LZ,0
Frame ID: 92923E7CA0D779A751E152F71D64F800
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1 kB
Transfer

1 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request c.aspx
nfinews.co.uk/5KB-7BJUW-KWC8D7-4EV8HO-0/ 		564 B
892 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nfinews.co.uk/5KB-7BJUW-KWC8D7-4EV8HO-0/c.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.208.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
069a46ac944ea518ddc5a0127944d0191374a804b109ccc4f99d5368088a1170

Request headers

:method
GET
:authority
nfinews.co.uk
:scheme
https
:path
/5KB-7BJUW-KWC8D7-4EV8HO-0/c.aspx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 13:04:45 GMT
content-type
text/html; charset=utf-8
content-length
416
set-cookie
__cfduid=d78136dd4558b4e64c9f61839f694d3d61618578284; expires=Sun, 16-May-21 13:04:44 GMT; path=/; domain=.nfinews.co.uk; HttpOnly; SameSite=Lax
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
x-dm-activity-id
c50136f6b3bd440fb94655d8f0a051d8
cf-cache-status
DYNAMIC
cf-request-id
097c61b99c0000049bc1156000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
640d9f08fd22049b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Mar_Q1_2021.pdf
www.nationwide.co.uk/-/media/MainSite/documents/about/house-price-index/2021/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/-/media/MainSite/documents/about/house-price-index/2021/Mar_Q1_2021.pdf?utm_source=NFI&utm_medium=email&utm_campaign=12296264_April%20Newsletter%2008.04.2021&dm_i=5KB,7BJUW,KWC8D7,TP5LZ,0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
155.131.144.68 Swindon, United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net collection.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net wss://collection.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; frame-ancestors nationwide.egain.cloud 'self'; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.nationwide.co.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://nfinews.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nfinews.co.uk/

Response headers

Cache-Control
public, no-cache, max-age=604800
Content-Length
548400
Content-Type
application/pdf
Expires
Fri, 23 Apr 2021 13:04:45 GMT
Last-Modified
Wed, 31 Mar 2021 06:02:10 GMT
ETag
f604327f634c404596f6486f6f572db7
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net collection.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net wss://collection.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; frame-ancestors nationwide.egain.cloud 'self'; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Date
Fri, 16 Apr 2021 13:04:45 GMT
Set-Cookie
du=duNB;Path=/;Domain=www.nationwide.co.uk;Expires=Fri, 16-Apr-2021 13:24:45 GMT TS01d92654=01d658d16ab22748f28c885e87399baa8f0663b14e5c3af332e214deb65f620056c590d3e916cc0fb7929ece73492aec68e9bfa8eb2b24da9e6f56b4ef70ced5e787edec21; Path=/; Domain=.www.nationwide.co.uk TS30093fef027=08bb4bd859ab200036843ecea3e2990bb3e26d5d6fb9bab67cf4a063ab8b503d7943883070c38a7f08c34e1f75113000c4fd93fb3949145e7a0a72c2933e90238b711e7be7b7b9caec2384a2ad4b4eca06141d554b6dccad8ffee629ac9c525a;Path=/
Strict-Transport-Security
max-age=16070400

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated

1 Cookies

Domain/Path Name / Value
.nfinews.co.uk/ Name: __cfduid
Value: d78136dd4558b4e64c9f61839f694d3d61618578284

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nfinews.co.uk
www.nationwide.co.uk
104.16.208.86
155.131.144.68
069a46ac944ea518ddc5a0127944d0191374a804b109ccc4f99d5368088a1170