www.nexi.de Open in urlscan Pro
185.198.117.126 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lp.nexi.de/
Effective URL:
https://www.nexi.de/de
Submission: On August 13 via automatic, source certstream-suspicious (August 13th 2024, 1:54:51 pm UTC) — Scanned from DE

Summary HTTP 40 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 40 HTTP transactions. The main IP is 185.198.117.126, located in Italy and belongs to NEXI-AS, IT. The main domain is www.nexi.de.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on May 16th 2024. Valid for: a year.

This is the only time www.nexi.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.31.84.121 217.31.84.121	29140 (HOSTSERVE...) (HOSTSERVER-AS Hostserver GmbH)
1 1	185.198.118.126 185.198.118.126	35051 (NEXI-AS) (NEXI-AS)
1 25	185.198.117.126 185.198.117.126	35051 (NEXI-AS) (NEXI-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20a... 2600:9000:20ab:8e00:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
40	10

1 217.31.84.121 (Germany) 1 redirects

ASN29140 (HOSTSERVER-AS Hostserver GmbH, DE)
PTR: concardis-web3-ng.adns.de

lp.nexi.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.198.118.126 (Italy) 1 redirects

ASN35051 (NEXI-AS, IT)

nexi.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 185.198.117.126 (Italy) 1 redirects

ASN35051 (NEXI-AS, IT)

www.nexi.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20ab:8e00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	nexi.de 3 redirects lp.nexi.de nexi.de www.nexi.de	1 MB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	547 KB
3	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 370	880 B
3	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 7038 cdn.acsbapp.com — Cisco Umbrella Rank: 7605	97 KB
3	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 4906	170 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641	31 KB
40	7

	Domain	Requested by
25	www.nexi.de	1 redirects www.nexi.de
6	www.googletagmanager.com	www.nexi.de www.googletagmanager.com
3	sdk.privacy-center.org	www.nexi.de sdk.privacy-center.org
2	ade.googlesyndication.com	1 redirects www.nexi.de
2	acsbapp.com	www.nexi.de acsbapp.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	cdn.acsbapp.com	acsbapp.com
1	ajax.googleapis.com	www.nexi.de
1	nexi.de	1 redirects
1	lp.nexi.de	1 redirects
40	11

This site contains links to these domains. Also see Links.

Domain
accessibe.com
apps.apple.com
play.google.com
www.nexigroup.com
lp.nexi.de
nexigroup.whistleblowernetwork.net
www.facebook.com
www.youtube.com
twitter.com
www.linkedin.com
www.xing.com

Subject Issuer	Validity	Valid
www.nexi.de GlobalSign RSA OV SSL CA 2018	`2024-05-16` - `2025-06-17`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.privacy-center.org Amazon RSA 2048 M03	`2024-03-10` - `2025-04-07`	a year	crt.sh
acsbapp.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.nexi.de/de
Frame ID: 998CD696CB51AE30697F54A6EB72B350
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kartenzahlung annehmen - Bargeldloses Bezahlen ganz einfach.

Page URL History Show full URLs

https://lp.nexi.de/ HTTP 303
https://nexi.de/ HTTP 301
https://www.nexi.de/ HTTP 301
https://www.nexi.de/de Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

98 %
HTTPS

64 %
IPv6

7
Domains

11
Subdomains

10
IPs

3
Countries

2363 kB
Transfer

5275 kB
Size

2
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Leitfaden für barrierefreie Bildschirmlesegeräte, Feedback und Fehlerberichte

Search URL Search Domain Scan URL

URL: https://apps.apple.com/de/app/mypayments-app/id1294739137
Title: Download App Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=eu.nets.mypayments&gl=DE
Title: Google Play

Search URL Search Domain Scan URL

URL: https://www.nexigroup.com/de/people/careers/job-openings/
Title: KARRIERE

Search URL Search Domain Scan URL

URL: https://lp.nexi.de/darstellung-der-waehrungskurse
Title: WÄHRUNGSUMRECHNER

Search URL Search Domain Scan URL

URL: https://nexigroup.whistleblowernetwork.net/frontpage
Title: Hinweisgebersystem

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nexigermany

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCJ9y8d69JxduRmnUtTrotbg

Search URL Search Domain Scan URL

URL: https://twitter.com/nexigermany

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/nexi-germany/

Search URL Search Domain Scan URL

URL: https://www.xing.com/pages/nexi-germany-gmbh

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lp.nexi.de/ HTTP 303
https://nexi.de/ HTTP 301
https://www.nexi.de/ HTTP 301
https://www.nexi.de/de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://ade.googlesyndication.com/ddm/activity/src=10302488;type=count0;cat=fl-co0;ord=1;num=3203742106756;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4880v9181784027z89105342857za201zb9105342857;gcs=G100;gcd=13p3pPp2p5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.nexi.de%2Fde HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10302488;dc_pre=CJT4yp6P8ocDFS8bogMd5mEGUA;type=count0;cat=fl-co0;ord=1;num=3203742106756;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4880v9181784027z89105342857za201zb9105342857;gcs=G100;gcd=13p3pPp2p5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.nexi.de%2Fde

40 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request de Show response
www.nexi.de/
Redirect Chain

https://lp.nexi.de/
https://nexi.de/
https://www.nexi.de/
https://www.nexi.de/de

195 KB
14 KB

55ms
53ms

Document
text/html

185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

5f17adb3a04dcf761b25925579a507c2dbb0f0e2c3296c6c465d80a2185ec11b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: br
Content-Length: 13157
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Aug 2024 13:54:45 GMT
ETag: "30d36-61f83c226d2e2-br"
Last-Modified: Mon, 12 Aug 2024 22:10:18 GMT
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Vary: Accept-Encoding,Origin
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 13 Aug 2024 13:54:45 GMT
Location: https://www.nexi.de/de
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"

GET
H/1.1 200
OK clientlib-site.min.css
www.nexi.de/etc.clientlibs/nexinew/clientlibs/ 338 KB
51 KB 56ms
46ms Stylesheet
text/css 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

847e759833689557ade050140a92c620fcc008c5ea405470633eea089da19eaa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:45 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: br
Last-Modified: Fri, 02 Aug 2024 15:07:12 GMT
ETag: "5490c-61eb4ae9bae33-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Origin
Content-Type: text/css
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51743

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 83ms
16ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 03:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 03:59:39 GMT

GET
H/1.1 200
OK nexi-logo-white.svg
www.nexi.de/content/dam/nexinew/icone/ 2 KB
2 KB 99ms
48ms Image
image/svg+xml 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexinew/icone/nexi-logo-white.svg

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:45 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: br
Last-Modified: Fri, 02 Aug 2024 15:07:43 GMT
ETag: "72c-61eb4b06ca191-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Origin
Content-Type: image/svg+xml
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 772

GET
H/1.1 200
OK nexi-logo-dark.svg
www.nexi.de/content/dam/nexinew/icone/ 2 KB
2 KB 106ms
46ms Image
image/svg+xml 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexinew/icone/nexi-logo-dark.svg

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:45 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: br
Last-Modified: Fri, 02 Aug 2024 15:06:48 GMT
ETag: "8fa-61eb4ad30b743-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Origin
Content-Type: image/svg+xml
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 892

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 366 KB
114 KB 124ms
43ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25c923834c7f07f53822d7f504ce9414e45992821dc7f4129cc88056fa89bd5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:54:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116478
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Aug 2024 13:54:45 GMT

GET
H/1.1 200
OK sommer-homebanner-24.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/ 239 KB
240 KB 65ms
64ms Image
image/webp 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/sommer-homebanner-24.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

16046c7f03e78e92c414b42e726f58647d623a4f2a49559a4d2ab0accf01f5e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:45 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:10:47 GMT
ETag: "3bcce-61eb4bb6f5d30"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 244942

GET
H/1.1 200
OK Nexi-Financing.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/ 347 KB
348 KB 39ms
37ms Image
image/webp 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/Nexi-Financing.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

3171f054ae6f43169b9fdda142391bbb11f458b7f70163ab755feeb83a17aa1d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:45 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:16:13 GMT
ETag: "56b2a-61eb4ced65cc4"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 355114

GET
H/1.1 200
OK Tap_to_Pay_on_iPhone_hands.webp
www.nexi.de/content/dam/shopde/nexi-softpos/ 37 KB
38 KB 123ms
122ms Image
image/webp 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/shopde/nexi-softpos/Tap_to_Pay_on_iPhone_hands.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

5f6e1d74b06220dd5545c2caaa6bfce51f998d643d51bfd34e293d3021611ef2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:45 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Wed, 07 Aug 2024 09:35:52 GMT
ETag: "9376-61f14a2dd5ea9"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37750

GET
H/1.1 200
OK eCom_Home.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/ 66 KB
67 KB 72ms
69ms Image
image/webp 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/eCom_Home.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

68844220938760928ab8c74d8f7dc64d398167ad47455bb0be5895b56beae3ff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:45 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:15:20 GMT
ETag: "10978-61eb4cbb4966e"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67960

GET
H/1.1 200
OK MyPaymentsApp.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/ 28 KB
28 KB 103ms
61ms Image
image/webp 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/MyPaymentsApp.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

dbc19c319db65c1a8c3556c7f115338d3e40794e8bd06928ddaefe45f80f86e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:45 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:10:24 GMT
ETag: "6e14-61eb4ba113f53"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28180

GET
H/1.1 200
OK apple_AppStore.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/mypaymentsapp/ 2 KB
3 KB 103ms
61ms Image
image/webp 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/mypaymentsapp/apple_AppStore.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

f0208b5ec10ee5ae4b97615ac8ee6d69d0fdc04616df544194731bce4db3dbb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:45 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:10:48 GMT
ETag: "88e-61eb4bb76ea95"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2190

GET
H/1.1 200
OK google-play-badge.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/mypaymentsapp/ 3 KB
3 KB 337ms
336ms Image
image/webp 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/mypaymentsapp/google-play-badge.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

ee493db8f1bdaedc48fd9bb5b4d52cccb023d296f0ad9956227d1e51e926e26f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:10:25 GMT
ETag: "a88-61eb4ba14b556"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2696

GET
H/1.1 200
OK clientlib-site.min.js Show response
www.nexi.de/etc.clientlibs/nexinew/clientlibs/ 692 KB
180 KB 50ms
49ms Script
application/javascript 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.js

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

d6efcc07574e8fb480979c1ba833497a20dd593b146ffe36d3af0e01b591c91a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
Last-Modified: Fri, 02 Aug 2024 15:09:46 GMT
ETag: "ad148-61eb4b7ca931d-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Origin
Content-Type: application/javascript
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eba9cb66701de4b335f4b2a1b7a9dd2eff9fedbc8b46d39635b21103ae1aa003

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK KarbonAppMedium-d094823381c0b7223a62.woff2
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/ 39 KB
40 KB 136ms
72ms Font
font/woff2 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/KarbonAppMedium-d094823381c0b7223a62.woff2

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css
Origin: https://www.nexi.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:10:25 GMT
ETag: "9a74-61eb4ba1af332"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: font/woff2
Access-Control-Allow-Origin: https://www.nexi.de
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39540

GET
H/1.1 200
OK nexinew-a07e9bf1518195ea4305.ttf
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/ 21 KB
22 KB 187ms
91ms Font
font/ttf 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/nexinew-a07e9bf1518195ea4305.ttf?5goiff

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

525ffea0234afc7e31ca14912e889ef7d13a4c2b741db7e737a1244bbd9c0b73

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css
Origin: https://www.nexi.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:07:43 GMT
ETag: "5360-61eb4b07085ad"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: font/ttf
Access-Control-Allow-Origin: https://www.nexi.de
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21344

GET
H/1.1 200
OK KarbonApp-247f6f4768829ff9e436.woff2
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/ 40 KB
40 KB 202ms
65ms Font
font/woff2 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/KarbonApp-247f6f4768829ff9e436.woff2

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css
Origin: https://www.nexi.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:06:49 GMT
ETag: "9e2c-61eb4ad337b03"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: font/woff2
Access-Control-Allow-Origin: https://www.nexi.de
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40492

GET
H2 200 loader.js Show response
sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/ 56 KB
20 KB 95ms
17ms Script
application/javascript 2600:9000:20ab:8e00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=www.nexi.de
Requested by: Host: www.nexi.de
URL: https://www.nexi.de/de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:8e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d0dd0408b1557b3c09bd9778b8828f501876eb742a116924be99357e39eb9d7

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:02:27 GMT
content-encoding: br
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:true
via: 1.1 2b4f91feaec910b23d827812b244c812.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 3139
x-amzn-requestid: 446dfa43-2bd0-4d45-8e02-1ae65726f96b
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-didomi-configs-version: 112
x-amzn-trace-id: root=1-66bb20b5-6a18825621d9f1d14996a1c7;parent=732274864e27ea39;sampled=0;lineage=eaae1266:0
etag: W/"0d366c77c5e539a93ce34be2bb7288f1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200, public
x-amz-cf-id: iJELZEYX4jyOc72INEaysSYdnf6tC4vaExb0-ciYMikKsH15GTDsmQ==

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 311 KB
95 KB 184ms
145ms Script
application/javascript 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.nexi.de
URL: https://www.nexi.de/de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2325344726abf7ba648bab24e57e841b6a5a526196efffc88c8d23001bfc4e1d

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:54:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: AHxI1nPRKxhJC_-4OaPDZiQtNvpn4x4o67kOKQIDySbSVUvDgKgVEsx05VB1Fj7AWOQZM4i4Pxk
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Mon, 12 Aug 2024 09:15:50 GMT
server: cloudflare
etag: W/"87bd835096dc46dfc0ae2bbfff15c324"
vary: Accept-Encoding
x-goog-hash: crc32c=+h+slg==, md5=h72DUJbcRt/Ariu//xXDJA==
x-goog-generation: 1723454150590744
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 318526
access-control-expose-headers: *
cf-ray: 8b2932ed5d47b8fc-AMS
expires: Wed, 13 Aug 2025 13:54:46 GMT

GET
H2 200 sdk.8b3a2afc5e89e41d4975ef688e9fc19efc001c53.js Show response
sdk.privacy-center.org/sdk/8b3a2afc5e89e41d4975ef688e9fc19efc001c53/modern/ 354 KB
91 KB 69ms
58ms Script
application/javascript 2600:9000:20ab:8e00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/8b3a2afc5e89e41d4975ef688e9fc19efc001c53/modern/sdk.8b3a2afc5e89e41d4975ef688e9fc19efc001c53.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=www.nexi.de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:8e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d854280dae62685174cc5e77771cb2edda898a42fe4f15a0b205881d01c67c4f

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 12:31:28 GMT
content-encoding: br
via: 1.1 2b4f91feaec910b23d827812b244c812.cloudfront.net (CloudFront)
last-modified: Mon, 12 Aug 2024 12:31:19 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 91399
etag: W/"83b773e27159fe469ae9cabb558d79cf-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4mY58cxOu041beyyY70VlC6eWE50zaXbh0fGui2X0C0Oij0ip_F9Xw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
108 KB 53ms
50ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZC6C4GYW78&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6666577401f7a98f0168a4b1aca1e1ba3e442869b21d8466f14082cb8a4ba117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:54:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110010
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Aug 2024 13:54:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
85 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-808584846&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5844d1d230a83ddc71f9c5e1d3c7df0b2ce47a3390a72b5d4afccbc2748d321c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:54:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87388
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Aug 2024 13:54:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 49ms
47ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10302488&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7025d7d1ae9b8f37c4ebccc6625fe4ba18aa98638beb29d4d7c47452b610ce19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:54:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79205
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Aug 2024 13:54:46 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/nexi.de/ 164 B
706 B 200ms
151ms Fetch
application/json 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/nexi.de/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f7744b49b428848b90c08edacdf376301b5a72360d27c4b996fc4bbba70dd74

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:54:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPq1R1q1d37ZGcawRo8F16BxPqHRERQdXSTWqjiBDEZfQJLWu7M6I9xyOj6BfLWqlZ6rKGw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Mon, 18 Sep 2023 09:58:15 GMT
server: cloudflare
etag: W/"67b3d55b6d36201775c681d5106b9b27"
vary: Accept-Encoding
x-goog-hash: crc32c=ZtX91w==, md5=Z7PVW202IBd1xoHVEGubJw==
x-goog-generation: 1695031095097503
access-control-allow-origin: *
content-type: application/json
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 164
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray: 8b2932f01c289ff4-AMS
expires: Wed, 13 Aug 2025 13:54:46 GMT

GET
H/1.1 200
OK NexiSansPro-Medium-23fe8fc7211bc16e9c31.woff2
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/ 50 KB
51 KB 51ms
50ms Font
font/woff2 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/NexiSansPro-Medium-23fe8fc7211bc16e9c31.woff2

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

04b49de58e76a8c7a7a2a95bb8b9b0a01424b8564b1b9f0ac9b6da368b1fb3b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css
Origin: https://www.nexi.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:08:33 GMT
ETag: "c980-61eb4b36b2b95"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: font/woff2
Access-Control-Allow-Origin: https://www.nexi.de
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51584

GET
H3 200 ui-gdpr-en-web.8b3a2afc5e89e41d4975ef688e9fc19efc001c53.js Show response
sdk.privacy-center.org/sdk/8b3a2afc5e89e41d4975ef688e9fc19efc001c53/modern/ 268 KB
59 KB 18ms
18ms Script
application/javascript 2600:9000:20ab:8e00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/8b3a2afc5e89e41d4975ef688e9fc19efc001c53/modern/ui-gdpr-en-web.8b3a2afc5e89e41d4975ef688e9fc19efc001c53.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/8b3a2afc5e89e41d4975ef688e9fc19efc001c53/modern/sdk.8b3a2afc5e89e41d4975ef688e9fc19efc001c53.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20ab:8e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a7001f5af99b5bceeb069bdf07be3268e00737495f65b6f834b30698036527f

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 12:32:14 GMT
content-encoding: gzip
via: 1.1 e1ffe469ec59bbd0f64b14eb9c83d0d4.cloudfront.net (CloudFront)
last-modified: Mon, 12 Aug 2024 12:31:21 GMT
server: AmazonS3
age: 91353
x-amz-cf-pop: AMS58-P3
etag: W/"d3599ffe4c51fd531d78a33e300a9138-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZW5h1OcMXR9WuCVvV1DaYkyT0CpC6JxtezPe6mHWPLUTcNTZ9xjwtw==

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 40ms
17ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&tag_exp=0&rnd=85335636.1723557286&url=https%3A%2F%2Fwww.nexi.de%2Fde&dma_cps=-&dma=1&npa=1&gtm=45He4880n81M7T2WFJv9105342857za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 13:54:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10302488&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18b29aa2f0fd0bdce0fcb1dea1848b3981de1e4aced991d0381e4d8652db9cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:54:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79226
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Aug 2024 13:54:46 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 241 KB
85 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-808584846&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fae29a3c08610fe12eac11fa36c2fa5601f53f718e004b035712cb632d7e2801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:54:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87379
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Aug 2024 13:54:46 GMT

GET
H/1.1 200
OK 622-d3e9bd2b1edfbf57bdab.js Show response
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/chunks/ 4 KB
2 KB 37ms
37ms Script
application/javascript 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/chunks/622-d3e9bd2b1edfbf57bdab.js

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

61615468365911d6594b324b9c2d02e665d7ddbd628d72d1abe07c6df7781ff1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
Last-Modified: Fri, 02 Aug 2024 15:08:01 GMT
ETag: "105e-61eb4b17e85b2-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Origin
Content-Type: application/javascript
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1538

GET
H/1.1 200
OK 761-3e5daa85bb1333b352be.js Show response
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/chunks/ 144 KB
41 KB 55ms
54ms Script
application/javascript 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/chunks/761-3e5daa85bb1333b352be.js

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

0ebc2fa89cced373c73819be658755b0c1410b3893e7e68239acbe4b2cc25ffc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
Last-Modified: Fri, 02 Aug 2024 15:10:15 GMT
ETag: "241ff-61eb4b9858fa7-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Origin
Content-Type: application/javascript
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40670

GET
H/1.1 200
OK MobileTerminal_A920.png
www.nexi.de/content/dam/nexide/img/nexi-de-test/terminals/ 70 KB
71 KB 44ms
43ms Image
image/png 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/terminals/MobileTerminal_A920.png

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

55d421c2be2e53f5559feaaf7aa83cf3978b352ab3e987c5e0d58dd954ed4a19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:10:16 GMT
ETag: "118f9-61eb4b99239e6"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/png
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71929

GET
H/1.1 200
OK MobileTerminal_A77.png
www.nexi.de/content/dam/nexide/img/nexi-de-test/terminals/ 87 KB
88 KB 68ms
68ms Image
image/png 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/terminals/MobileTerminal_A77.png

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

587bcea34aba9f3ebf5af996e04c4fa567a4fbf5fd7ec2cffbea8e9dd7ed15fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:10:27 GMT
ETag: "15c9a-61eb4ba375113"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/png
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89242

GET
H/1.1 200
OK Online-Zahlungen.png
www.nexi.de/content/dam/nexide/img/nexi-de-test/situationen/ 108 KB
109 KB 42ms
42ms Image
image/png 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/situationen/Online-Zahlungen.png

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

1b9cad2c18a34a662717cce755f47da91bf81ef7b450dbe788024c7ab9db677b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:22:36 GMT
ETag: "1b103-61eb4e5aab451"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/png
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110851

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 76ms
17ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZC6C4GYW78&gtm=45je4880v9119449089z89105342857za200zb9105342857&_p=1723557285818&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dMTc4Zm&tt=external&cid=1304342166.1723557287&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1723557286&sct=1&seg=0&dl=https%3A%2F%2Fwww.nexi.de%2Fde&dt=Kartenzahlung%20annehmen%20-%20Bargeldloses%20Bezahlen%20ganz%20einfach.&en=slider&_fv=1&_nsi=1&_ss=1&ep.container_id=GTM-M7T2WFJ&ep.container_version=52&ep.connection_speed=4g&epn.is_internal_traffic=0&epn.device_pixel_ratio=1&ep.content_language=DE&ep.action=impression&ep.label=Kartenzahlungen%20annehmen&ep.click_url=https%3A%2F%2Fwww.nexi.de%2Fde%2Fbezahlloesungen-pos%2Fsmartpay&epn.position=1&tfd=1612
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZC6C4GYW78&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 13:54:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nexi.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK KarbonAppSemibold-1880360c464ca67c5be4.woff2
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/ 39 KB
40 KB 62ms
62ms Font
font/woff2 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/KarbonAppSemibold-1880360c464ca67c5be4.woff2

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css
Origin: https://www.nexi.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:46 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:10:29 GMT
ETag: "9b3c-61eb4ba5b9e42"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: font/woff2
Access-Control-Allow-Origin: https://www.nexi.de
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39740

GET
H2

200

src=10302488;dc_pre=CJT4yp6P8ocDFS8bogMd5mEGUA;type=count0;cat=fl-co0;ord=1;num=3203742106756;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10302488;type=count0;cat=fl-co0;ord=1;num=3203742106756;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
https://ade.googlesyndication.com/ddm/activity/src=10302488;dc_pre=CJT4yp6P8ocDFS8bogMd5mEGUA;type=count0;cat=fl-co0;ord=1;num=3203742106756;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa...

42 B
118 B

45ms
45ms

Image
image/gif

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10302488;dc_pre=CJT4yp6P8ocDFS8bogMd5mEGUA;type=count0;cat=fl-co0;ord=1;num=3203742106756;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4880v9181784027z89105342857za201zb9105342857;gcs=G100;gcd=13p3pPp2p5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.nexi.de%2Fde?

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 13:54:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Aug 2024 13:54:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10302488;dc_pre=CJT4yp6P8ocDFS8bogMd5mEGUA;type=count0;cat=fl-co0;ord=1;num=3203742106756;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4880v9181784027z89105342857za201zb9105342857;gcs=G100;gcd=13p3pPp2p5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.nexi.de%2Fde?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 de-app.json Show response
acsbapp.com/apps/app/dist/js/locale/ 4 KB
2 KB 153ms
146ms Fetch
application/json 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/locale/de-app.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b06d837458d194658b3a4744b4b0a7a012a0b26d3473a99b7aab66d56e321944

Request headers

Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:54:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
age: 0
x-guploader-uploadid: AHxI1nNVFtAVrVxFZ-V0oOwUZwz-LVacP7Wt1uN14SAFjLxPHKCkgbnVf9_7JDeRVVgPtKZHfNw
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Mon, 12 Aug 2024 09:16:30 GMT
server: cloudflare
etag: W/"4b20464e59c71221b5a003350aa73d2c"
x-goog-hash: crc32c=1wpTwA==, md5=SyBGTlnHEiG1oAM1Cqc9LA==
x-goog-generation: 1723454190524858
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 3682
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray: 8b2932f17e0b9ff4-AMS
expires: Wed, 13 Aug 2025 13:54:46 GMT

GET
H/1.1 200
OK favicon.png
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/ 801 B
2 KB 58ms
58ms Other
image/png 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

e5c0e42bb6a3f3a244f8724587feb409c48a467a098e94c708bbb58117d41369

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:47 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:11:09 GMT
ETag: "321-61eb4bcb4ad0a"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/png
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 801

GET
H/1.1 200
OK favicon.ico
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/ 34 KB
35 KB 58ms
58ms Other
image/vnd.microsoft.icon 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

ddcb12028caf567e0f9d6af1adc7e51df78b7c800f99eab2608c11ca47f9b77e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.nexi.de/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 13:54:47 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Fri, 02 Aug 2024 15:09:48 GMT
ETag: "86be-61eb4b7df643f"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/vnd.microsoft.icon
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34494

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.nexi.de/	1969-12-31 23:59:59	Name: TS0168694d Value: 01d37309fcb3b02361f485f062f9ceadae3807623724b72ddbbac4abaf9728bb31effa1e3e48434f36e2cb36dd8190b6c279edfee9
			.nexi.de/	1970-01-21 07:32:59	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTkxNGMwNTEtMWZlZi02NDJiLWExOTYtNTdhNmEzZDNjNDU1IiwiY3JlYXRlZCI6IjIwMjQtMDgtMTNUMTM6NTQ6NDYuMzk4WiIsInVwZGF0ZWQiOiIyMDI0LTA4LTEzVDEzOjU0OjQ2LjM5OFoiLCJ2ZXJzaW9uIjpudWxsfQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
ade.googlesyndication.com
ajax.googleapis.com
cdn.acsbapp.com
lp.nexi.de
nexi.de
pagead2.googlesyndication.com
region1.google-analytics.com
sdk.privacy-center.org
www.googletagmanager.com
www.nexi.de
142.250.185.66
185.198.117.126
185.198.118.126
2001:4860:4802:32::36
217.31.84.121
2600:9000:20ab:8e00:5:b7cc:d3c0:93a1
2606:4700:10::6816:1cc
2606:4700:10::6816:cc
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:80b::200a
04b49de58e76a8c7a7a2a95bb8b9b0a01424b8564b1b9f0ac9b6da368b1fb3b2
0ebc2fa89cced373c73819be658755b0c1410b3893e7e68239acbe4b2cc25ffc
0f7744b49b428848b90c08edacdf376301b5a72360d27c4b996fc4bbba70dd74
16046c7f03e78e92c414b42e726f58647d623a4f2a49559a4d2ab0accf01f5e1
18b29aa2f0fd0bdce0fcb1dea1848b3981de1e4aced991d0381e4d8652db9cc7
1b9cad2c18a34a662717cce755f47da91bf81ef7b450dbe788024c7ab9db677b
2325344726abf7ba648bab24e57e841b6a5a526196efffc88c8d23001bfc4e1d
25c923834c7f07f53822d7f504ce9414e45992821dc7f4129cc88056fa89bd5b
2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337
3171f054ae6f43169b9fdda142391bbb11f458b7f70163ab755feeb83a17aa1d
3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b
4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08
525ffea0234afc7e31ca14912e889ef7d13a4c2b741db7e737a1244bbd9c0b73
53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323
55d421c2be2e53f5559feaaf7aa83cf3978b352ab3e987c5e0d58dd954ed4a19
5844d1d230a83ddc71f9c5e1d3c7df0b2ce47a3390a72b5d4afccbc2748d321c
587bcea34aba9f3ebf5af996e04c4fa567a4fbf5fd7ec2cffbea8e9dd7ed15fb
5f17adb3a04dcf761b25925579a507c2dbb0f0e2c3296c6c465d80a2185ec11b
5f6e1d74b06220dd5545c2caaa6bfce51f998d643d51bfd34e293d3021611ef2
61615468365911d6594b324b9c2d02e665d7ddbd628d72d1abe07c6df7781ff1
6666577401f7a98f0168a4b1aca1e1ba3e442869b21d8466f14082cb8a4ba117
68844220938760928ab8c74d8f7dc64d398167ad47455bb0be5895b56beae3ff
7025d7d1ae9b8f37c4ebccc6625fe4ba18aa98638beb29d4d7c47452b610ce19
83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda
847e759833689557ade050140a92c620fcc008c5ea405470633eea089da19eaa
87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9
8d0dd0408b1557b3c09bd9778b8828f501876eb742a116924be99357e39eb9d7
9a7001f5af99b5bceeb069bdf07be3268e00737495f65b6f834b30698036527f
b06d837458d194658b3a4744b4b0a7a012a0b26d3473a99b7aab66d56e321944
d6efcc07574e8fb480979c1ba833497a20dd593b146ffe36d3af0e01b591c91a
d854280dae62685174cc5e77771cb2edda898a42fe4f15a0b205881d01c67c4f
dbc19c319db65c1a8c3556c7f115338d3e40794e8bd06928ddaefe45f80f86e3
ddcb12028caf567e0f9d6af1adc7e51df78b7c800f99eab2608c11ca47f9b77e
e5c0e42bb6a3f3a244f8724587feb409c48a467a098e94c708bbb58117d41369
eba9cb66701de4b335f4b2a1b7a9dd2eff9fedbc8b46d39635b21103ae1aa003
ee493db8f1bdaedc48fd9bb5b4d52cccb023d296f0ad9956227d1e51e926e26f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0208b5ec10ee5ae4b97615ac8ee6d69d0fdc04616df544194731bce4db3dbb6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fae29a3c08610fe12eac11fa36c2fa5601f53f718e004b035712cb632d7e2801

www.nexi.de Open in urlscan Pro 185.198.117.126 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

64 %IPv6

7 Domains

11 Subdomains

10 IPs

3 Countries

2363 kBTransfer

5275 kBSize

2 Cookies

11 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nexi.de Open in urlscan Pro
185.198.117.126 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

64 %
IPv6

7
Domains

11
Subdomains

10
IPs

3
Countries

2363 kB
Transfer

5275 kB
Size

2
Cookies

40 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!