www.nuovisoldi.com - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 5 HTTP transactions. The main IP is 35.185.208.175, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is www.nuovisoldi.com.
TLS certificate: Issued by R3 on December 2nd 2023. Valid for: 3 months.

This is the only time www.nuovisoldi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	35.185.208.175 35.185.208.175	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::54	15169 (GOOGLE) (GOOGLE)
1	23.212.209.109 23.212.209.109	16625 (AKAMAI-AS) (AKAMAI-AS)
5	3

3 35.185.208.175 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 175.208.185.35.bc.googleusercontent.com

www.nuovisoldi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.209.109 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-209-109.deploy.static.akamaitechnologies.com

www.citibank.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	nuovisoldi.com www.nuovisoldi.com	255 KB
1	citibank.com.sg www.citibank.com.sg — Cisco Umbrella Rank: 484485	62 KB
1	google.com accounts.google.com — Cisco Umbrella Rank: 23	79 KB
5	3

	Domain	Requested by
3	www.nuovisoldi.com	www.nuovisoldi.com
1	www.citibank.com.sg
1	accounts.google.com	www.nuovisoldi.com
5	3

This site contains links to these domains. Also see Links.

Domain
www.citibank.com.sg
www.uob.com.sg

Subject Issuer	Validity	Valid
nuovisoldi.com R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.citibank.com.sg DigiCert EV RSA CA G2	`2023-07-03` - `2024-07-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.nuovisoldi.com/
Frame ID: 932EC24BE6F849FFE71FD40CFA57C7A5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

nuovisoldi

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
accounts\.google\.com/gsi/client

Page Statistics

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

396 kB
Transfer

521 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citibank.com.sg/credit-cards/travel/premiermiles-card/
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.uob.com.sg/personal/cards/cashback/evol-card
Title: Sign Up

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.nuovisoldi.com/ 466 B
704 B 450ms
144ms Document
text/html 35.185.208.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nuovisoldi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.208.175 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.208.185.35.bc.googleusercontent.com
Software: nginx/1.24.0 /
Resource Hash: aa0ddb4c3bcb0bc9deec7b8534c025b5ffa9463b1940e657cf0e336120fa6c83

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 466
Content-Type: text/html
Date: Sat, 02 Dec 2023 18:47:25 GMT
ETag: "656a5d29-1d2"
Last-Modified: Fri, 01 Dec 2023 22:24:41 GMT
Server: nginx/1.24.0

GET
H2 200 client Show response
accounts.google.com/gsi/ 205 KB
79 KB 330ms
170ms Script
application/javascript 2a00:1450:400c:c0c::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.nuovisoldi.com
URL: https://www.nuovisoldi.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d006b8e18a5756196c8a3f18ed9ccb0da3bc0f8def44cf6489db4b1df0ad4d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cuD3bhNf_GA88ptRz8nYFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nuovisoldi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:47:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-cuD3bhNf_GA88ptRz8nYFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sat, 02 Dec 2023 18:47:25 GMT

GET
H/1.1 200
OK 810.js Show response
www.nuovisoldi.com/ 208 KB
208 KB 329ms
290ms Script
text/plain 35.185.208.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nuovisoldi.com/810.js
Requested by: Host: www.nuovisoldi.com
URL: https://www.nuovisoldi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.208.175 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.208.185.35.bc.googleusercontent.com
Software: nginx/1.24.0 /
Resource Hash: 8a87a6cac37b7fe78486ad2b05c7b3f7459c1aa09a5f090ebc44834fd801d952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nuovisoldi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:47:25 GMT
Last-Modified: Fri, 01 Dec 2023 22:24:41 GMT
Server: nginx/1.24.0
ETag: "656a5d29-33eb0"
Content-Type: text/plain
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 212656

GET
H/1.1 200
OK main.js Show response
www.nuovisoldi.com/ 46 KB
46 KB 580ms
288ms Script
text/plain 35.185.208.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nuovisoldi.com/main.js
Requested by: Host: www.nuovisoldi.com
URL: https://www.nuovisoldi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.208.175 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.208.185.35.bc.googleusercontent.com
Software: nginx/1.24.0 /
Resource Hash: 0a1934ccc5a53e01d11729e83224b4d0a826a148ce120093a42c1cf15af76213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nuovisoldi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:47:25 GMT
Last-Modified: Fri, 01 Dec 2023 22:39:07 GMT
Server: nginx/1.24.0
ETag: "656a608b-b75c"
Content-Type: text/plain
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46940

GET
H2 200 Citi-PremierMiles-Credit-Card-V2.png
www.citibank.com.sg//files/images/ 61 KB
62 KB 225ms
154ms Image
image/avif 23.212.209.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citibank.com.sg//files/images/Citi-PremierMiles-Credit-Card-V2.png

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.212.209.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-209-109.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

7f2498599190badd26b058ffca5e7242cd45cc7c1d926e6e64ffaba26a43a340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nuovisoldi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:47:26 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 11:42:31 GMT
server: Akamai Image Manager
x-permitted-cross-domain-policies: NONE
akamai-grn: 0.8ce22517.1701542846.4cf7ffbb
etag: "1a847cd-25784-5a58227c35ec0"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=604800
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1701542846320_388358796_1291321275_213_140524_6_10_219";dur=1
content-length: 62919
expires: Sat, 09 Dec 2023 18:47:26 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
www.citibank.com.sg
www.nuovisoldi.com
23.212.209.109
2a00:1450:400c:c0c::54
35.185.208.175
0a1934ccc5a53e01d11729e83224b4d0a826a148ce120093a42c1cf15af76213
1d006b8e18a5756196c8a3f18ed9ccb0da3bc0f8def44cf6489db4b1df0ad4d7
7f2498599190badd26b058ffca5e7242cd45cc7c1d926e6e64ffaba26a43a340
8a87a6cac37b7fe78486ad2b05c7b3f7459c1aa09a5f090ebc44834fd801d952
aa0ddb4c3bcb0bc9deec7b8534c025b5ffa9463b1940e657cf0e336120fa6c83

www.nuovisoldi.com Open in urlscan Pro 35.185.208.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

396 kBTransfer

521 kBSize

0 Cookies

2 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

www.nuovisoldi.com Open in urlscan Pro
35.185.208.175 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

396 kB
Transfer

521 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions