urlscan.io logo urlscan.io
SecurityTrails logo

www.nexi.it Open in urlscan Pro
185.198.118.126  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.message.nexi.it/?qs=30b61c5744797b1c783a31246840b7aa7a86e7eb3cec3ab5929852df7d504d27bace6dea6894e97dc5a8e19f0a5f...
Effective URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4...
Submission Tags: phishing malicious Search All
Submission: On December 05 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 7 countries across 15 domains to perform 57 HTTP transactions. The main IP is 185.198.118.126, located in Italy and belongs to NEXI-AS, IT. The main domain is www.nexi.it.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on June 23rd 2021. Valid for: a year.
This is the only time www.nexi.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 161.71.96.178 14340 (SALESFORCE)
31 185.198.118.126 35051 (NEXI-AS)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.252.195.31 16509 (AMAZON-02)
1 63.32.69.142 16509 (AMAZON-02)
1 1 54.194.191.134 16509 (AMAZON-02)
1 34.249.52.209 16509 (AMAZON-02)
1 34.250.204.30 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.49 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.222.236.74 16509 (AMAZON-02)
5 54.165.220.208 14618 (AMAZON-AES)
1 18.66.139.28 16509 (AMAZON-02)
1 13.36.218.177 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.75.159.38 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
57 19
1    161.71.96.178 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: click.message.nexi.it
click.message.nexi.it
31    185.198.118.126 (Italy)

ASN35051 (NEXI-AS, IT)
www.nexi.it
2    2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    34.252.195.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-195-31.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    63.32.69.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-69-142.eu-west-1.compute.amazonaws.com
nexipayments.demdex.net
1    54.194.191.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    34.249.52.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-52-209.eu-west-1.compute.amazonaws.com
nexipayments.tt.omtrdc.net
1    34.250.204.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-204-30.eu-west-1.compute.amazonaws.com
apps.mypurecloud.ie
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
1    2606:4700::6810:7c60 (United States)

ASN13335 (CLOUDFLARENET, US)
www.cloudflare.com
1    52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net
script.hotjar.com
5    54.165.220.208 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-220-208.compute-1.amazonaws.com
apps.mypurecloud.com
1    18.66.139.28 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
1    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
nexipayments.sc.omtrdc.net
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    54.75.159.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-159-38.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.it
Domain Requested by
31 www.nexi.it www.nexi.it
apps.mypurecloud.ie
apps.mypurecloud.com
5 apps.mypurecloud.com apps.mypurecloud.ie
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dpm.demdex.net assets.adobedtm.com
www.nexi.it
2 www.google.com www.nexi.it
2 assets.adobedtm.com www.nexi.it
assets.adobedtm.com
1 www.google.it www.nexi.it
1 in.hotjar.com script.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 nexipayments.sc.omtrdc.net www.nexi.it
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.cloudflare.com www.nexi.it
1 static.hotjar.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 apps.mypurecloud.ie www.nexi.it
1 nexipayments.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 nexipayments.demdex.net assets.adobedtm.com
1 www.googletagmanager.com www.nexi.it
1 click.message.nexi.it 1 redirects
57 21
Subject Issuer Validity Valid
www.nexi.it
GlobalSign RSA OV SSL CA 2018		 2021-06-23 -
2022-07-25		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-11 -
2022-10-12		 a year crt.sh
mypurecloud.ie
Amazon		 2021-10-21 -
2022-11-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
www.cloudflare.com
Cloudflare Inc ECC CA-3		 2021-09-18 -
2022-09-17		 a year crt.sh
mypurecloud.com
Amazon		 2021-10-21 -
2022-11-18		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-10-05 -
2022-03-04		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.it
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Frame ID: 9AD19E63FB96FEA7D7BB45F3318F4576
Requests: 55 HTTP requests in this frame

Frame: https://nexipayments.demdex.net/dest5.html?d_nsid=0
Frame ID: C0791CF50ACEE633B22422A44835C42B
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 5186E71749C15011C610609C82BC7ED3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Servizi informativi e di sicurezza per titolari di carte di credito | Nexi

Page URL History Show full URLs

  1. https://click.message.nexi.it/?qs=30b61c5744797b1c783a31246840b7aa7a86e7eb3cec3ab5929852df7d504d27bace6dea... HTTP 302
    https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=1839... Page URL

Page Statistics

57
Requests

98 %
HTTPS

38 %
IPv6

15
Domains

21
Subdomains

19
IPs

7
Countries

1685 kB
Transfer

4412 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.message.nexi.it/?qs=30b61c5744797b1c783a31246840b7aa7a86e7eb3cec3ab5929852df7d504d27bace6dea6894e97dc5a8e19f0a5f9a2e2e93b26b6eecb496b7ff9e5a770fc083 HTTP 302
    https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://cm.everesttech.net/cm/dd?d_uuid=54028521376906148280000231953962672668 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YayE1wAAAGeKAgQz

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sicurezza.html
www.nexi.it/privati/servizi/
Redirect Chain
  • https://click.message.nexi.it/?qs=30b61c5744797b1c783a31246840b7aa7a86e7eb3cec3ab5929852df7d504d27bace6dea6894e97dc5a8e19f0a5f9a2e2e93b26b6eecb496b7ff9e5a770fc083
  • https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a8...
128 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
c6bcefcac3a3e1f7c5669b4dc0751d5301cdf6c04c651074e54b08a9306b57be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Fri, 03 Dec 2021 11:59:04 GMT
ETag
"200ee-5d23ca232835d-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, HEAD
Keep-Alive
timeout=5, max=95
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing#phishing
Date
Sun, 05 Dec 2021 09:22:30 GMT
Connection
close
Content-Length
422
launch-a40afd213c32.min.js
assets.adobedtm.com/9dd8bdfc74c3/cd37bd923e2c/ 		228 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/9dd8bdfc74c3/cd37bd923e2c/launch-a40afd213c32.min.js
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c96d6c44d50646e4096806c2f0ba110954d52f55150d7b34d0d7ba6872486266

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:30 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 16:15:25 GMT
server
AkamaiNetStorage
etag
"d068da0182385583de2372f508b671d3:1637165725.169441"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.nexi.it
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
74048
expires
Sun, 05 Dec 2021 10:22:30 GMT
style.css
www.nexi.it/etc/designs/nexi/clientlib-node/ 		537 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
0a6860b639d3f65209ac59599c26f7027aef515187c186b306a2e07c2c32e338

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:45 GMT
ETag
"8647c-5d219909f3691-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=94
widgets.css
www.nexi.it/etc/designs/nexi/styles/ 		153 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/etc/designs/nexi/styles/widgets.css
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
d174a8eddf55d6543e19f6bbc7ed997682871695506bfee71e6a8e10d134d80a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:57 GMT
ETag
"2641a-5d21991574b91-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=93
jquery-3.5.1.min.js
www.nexi.it/etc/designs/icbpi-common/libs/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/etc/designs/icbpi-common/libs/jquery-3.5.1.min.js
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Nov 2020 10:42:38 GMT
ETag
"15d83-5b31d67b35ce7-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5, max=100
logo--dark-double.svg
www.nexi.it/content/dam/nexi/img/logo/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/logo/logo--dark-double.svg
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
64e35e6e3e1969550eda7af80ded7e8e7ffdc15dd6a2bfdc4ed9bf1cb82cc762

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:48 GMT
ETag
"5c8-5d21990c41029-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/svg+xml
Keep-Alive
timeout=5, max=91
Content-Length
795
logo--light-double.svg
www.nexi.it/content/dam/nexi/img/logo/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/logo/logo--light-double.svg
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
c37a1253313f01ecf7b8d5ac83025a8059d161d955ecbe5254c99d4edf6989fc

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:54 GMT
ETag
"5c4-5d21991217651-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/svg+xml
Keep-Alive
timeout=5, max=90
Content-Length
795
logo--dark.svg
www.nexi.it/content/dam/nexi/img/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/logo/logo--dark.svg
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
790272db4f81bd54720506a836a513fb2ef6520b5227ce392be7c1dac52f4621

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:50 GMT
ETag
"938-5d21990e04ea1-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/svg+xml
Keep-Alive
timeout=5, max=89
Content-Length
1066
logo--light.svg
www.nexi.it/content/dam/nexi/img/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/logo/logo--light.svg
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
04410889c5251ebffe51063822311d828830abd030f73b6cdb5777e5b3238cb3

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:44 GMT
ETag
"94f-5d219908ddec7-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/svg+xml
Keep-Alive
timeout=5, max=99
Content-Length
1070
linea-grey.png
www.nexi.it/content/dam/nexi/img/helpful/ 		132 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/helpful/linea-grey.png
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
64bd630638e6a2b9c5b24794fa59e50a6c3cfa58b45b1faae97f03aae3cf4612

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:08:50 GMT
ETag
"84-5d21990e17862"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5, max=98
Content-Length
132
c_0132_show.png
www.nexi.it/content/dam/nexi/img/icone/80x80/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/icone/80x80/c_0132_show.png
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
8f31662ee0ad05c232bc167e932a9b4797eb205e952353cab6341028154f6659

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:32:25 GMT
ETag
"1533-5d219e54138f8"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5, max=99
Content-Length
5427
c_0237_secure.png
www.nexi.it/content/dam/nexi/img/icone/80x80/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/icone/80x80/c_0237_secure.png
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
251361a98419c844891c6feb5d99f2a3bb8a29f5ac8de705c1ecfa4761355445

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:09:21 GMT
ETag
"14a8-5d21992b78b57"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5, max=85
Content-Length
5288
c_0009_credit.png
www.nexi.it/content/dam/nexi/img/icone/80x80/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/icone/80x80/c_0009_credit.png
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
beb93387f288c057e130e0301d59824aa12d6a79d07d970dce938b40cacdae5f

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:09:48 GMT
ETag
"13d5-5d2199452fc56"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5, max=97
Content-Length
5077
gtm.js
www.googletagmanager.com/ 		217 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f66d61bcba2b49bd0e05c63c536b8ab85b808800ccfc682f0d886b9ed86c8996
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73548
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 Dec 2021 09:22:30 GMT
pixel.gif
www.nexi.it/content/dam/nexi/img/helpful/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/helpful/pixel.gif
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
3964a9a49a0aee59c77f05bfe9b36b058168e19c620bc91bd397f34e4d4fa378

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:09:33 GMT
ETag
"44d-5d2199372da2b"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5, max=98
Content-Length
1101
c_1046_fishing.png
www.nexi.it/content/dam/nexi/img/icone/80x80/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/icone/80x80/c_1046_fishing.png
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
9d5561168bc5217052472bfbc6399e2e47b91d83881579cb46fbf6ed719b8088

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:19:33 GMT
ETag
"16aa-5d219b73ef034"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5, max=84
Content-Length
5802
0289_helpline_85pt.svg
www.nexi.it/etc/designs/nexi/images/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/etc/designs/nexi/images/0289_helpline_85pt.svg
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
ec38a7e65969ef0b1b4e200c9da6432906fd95aca5813ad64b71c0ade5c97eea

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:58 GMT
ETag
"253a-5d219915d5a58-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/svg+xml
Keep-Alive
timeout=5, max=86
Content-Length
2729
api.js
www.google.com/recaptcha/ 		850 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bbc5d54b9924e9aab4c878ab2396b91093be26f8d2b3baf5b978439ceb859fe1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Sun, 05 Dec 2021 09:22:30 GMT
bundle.js
www.nexi.it/etc/designs/nexi/clientlib-node/ 		1 MB
373 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/etc/designs/nexi/clientlib-node/bundle.js
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
37e18042907560da2dc851e4958ccf7d6d52ff930cadc7607956110fd796fe5c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:43 GMT
ETag
"10a14d-5d219908161d9-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5, max=99
content.ckscript.js
www.nexi.it/cookieservice/nexi-it/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/cookieservice/nexi-it/content.ckscript.js
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
78546b7f2e21f9a1f3764722cb9879f86ebddf932d89a3445d74e6f6edd8690c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:45 GMT
ETag
"1185a-5d219909679e7-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5, max=97
id
dpm.demdex.net/ 		371 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=6A724E255ED5F2A60A495E0E%40AdobeOrg&d_nsid=0&ts=1638696150946
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9dd8bdfc74c3/cd37bd923e2c/launch-a40afd213c32.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.195.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-195-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
96d183b5add7ddf4ce9e2bc7e3964c602a50243c7aec67b4861099145259ee9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nexi.it/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v020-0b509e3c1.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
su5Iv1MUTLw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.nexi.it
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
313
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9dd8bdfc74c3/cd37bd923e2c/launch-a40afd213c32.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:30 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:01 GMT
server
AkamaiNetStorage
etag
"4635bffccc756e9a52eae8011adb9137:1629320641.842128"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.nexi.it
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12188
expires
Sun, 05 Dec 2021 10:22:30 GMT
style.css
www.nexi.it/cookieservice/nexi-it/ 		17 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/cookieservice/nexi-it/style.css
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
8a328eaf97de4600f72891d5658426d62b7afff1cc12667968e8db621a38322c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:40 GMT
ETag
"42dc-5d219904ee8da-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=96
Content-Length
5281
hero_sicurezza_priv_tab.jpg
www.nexi.it/content/dam/nexi/img/privati/sicurezza/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/privati/sicurezza/hero_sicurezza_priv_tab.jpg
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
1ad072044ca60b518b7d0ef3f5322d45ba4457b1db8a02c6768c9708e451a503

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:19:34 GMT
ETag
"13993-5d219b740f7bc"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=96
Content-Length
80275
karbon-medium-webfont.woff
www.nexi.it/etc/designs/nexi/clientlib-node/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/etc/designs/nexi/clientlib-node/fonts/karbon-medium-webfont.woff
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
4061275193aa1a5245941f7768b307219fc0f86f44dc1cf4d293168b93a72259

Request headers

Referer
https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Origin
https://www.nexi.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:08:44 GMT
ETag
"617c-5d219908b3579"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/font-woff
Keep-Alive
timeout=5, max=88
Content-Length
24956
karbon-regular-webfont.woff
www.nexi.it/etc/designs/nexi/clientlib-node/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/etc/designs/nexi/clientlib-node/fonts/karbon-regular-webfont.woff
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
ade827343407a2a81168acb91cabc1ed7d83de7010966dd1b7f06f4e0344b9e6

Request headers

Referer
https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Origin
https://www.nexi.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:08:45 GMT
ETag
"5ef4-5d2199097dfa9"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/font-woff
Keep-Alive
timeout=5, max=98
Content-Length
24308
karbon-semibold-webfont.woff
www.nexi.it/etc/designs/nexi/clientlib-node/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/etc/designs/nexi/clientlib-node/fonts/karbon-semibold-webfont.woff
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
0696904b24ea3bdaf9ee857ded71391ccd44d40b84334571a5c5e71f93b4a0c6

Request headers

Referer
https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Origin
https://www.nexi.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:08:35 GMT
ETag
"61c8-5d2198ffb13eb"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/font-woff
Keep-Alive
timeout=5, max=100
Content-Length
25032
fontawesome-webfont.woff2
www.nexi.it/etc/designs/nexi/clientlib-node/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/etc/designs/nexi/clientlib-node/fonts/fontawesome-webfont.woff2
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Origin
https://www.nexi.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:08:45 GMT
ETag
"12d68-5d2199097f719"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
77160
nexi.woff
www.nexi.it/etc/designs/nexi/clientlib-node/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/etc/designs/nexi/clientlib-node/fonts/nexi.woff
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
d1700915fc4144972b88e8a2d733e1bd5cfbc8ab94f91750878fa096e3d00903

Request headers

Referer
https://www.nexi.it/etc/designs/nexi/clientlib-node/style.css
Origin
https://www.nexi.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Last-Modified
Wed, 01 Dec 2021 18:08:45 GMT
ETag
"11954-5d2199092c6f9"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/font-woff
Keep-Alive
timeout=5, max=97
Content-Length
72020
it.footer.json
www.nexi.it/content/nexi/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/content/nexi/it.footer.json
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/etc/designs/nexi/clientlib-node/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
f81ab3f56a7c5008085220f155f09ff48fcbc5d859f7d6a7561457be1c72bf1e

Request headers

Accept
*/*
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
X-Requested-With
XMLHttpRequest
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Dec 2021 14:56:54 GMT
ETag
"cff-5d23f1e2e0fd3-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/json
Keep-Alive
timeout=5, max=95
Content-Length
1052
it.assist.json
www.nexi.it/content/nexi/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/content/nexi/it.assist.json
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/etc/designs/nexi/clientlib-node/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
b63748ae71499a79986c35bac6fc7bbdc1d7bce952581785927d0058837549cf

Request headers

Accept
*/*
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
X-Requested-With
XMLHttpRequest
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Dec 2021 14:56:56 GMT
ETag
"a27-5d23f1e486807-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/json
Keep-Alive
timeout=5, max=100
Content-Length
767
dest5.html
nexipayments.demdex.net/ Frame C079 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nexipayments.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9dd8bdfc74c3/cd37bd923e2c/launch-a40afd213c32.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.69.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-69-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Sun, 5 Dec 2021 09:22:31 GMT
DCS
dcs-prod-irl1-2-v020-0eba5c95e.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 26 Nov 2021 14:23:28 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
14bw5KmsTO4=
transfer-encoding
chunked
Connection
keep-alive
ibs:dpid=411&dpuuid=YayE1wAAAGeKAgQz
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=54028521376906148280000231953962672668
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YayE1wAAAGeKAgQz
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YayE1wAAAGeKAgQz
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Server
34.252.195.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-195-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v020-0eb3097bc.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lmSxmnmeQwg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YayE1wAAAGeKAgQz
Date
Sun, 05 Dec 2021 09:22:31 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
nexipayments.tt.omtrdc.net/rest/v1/ 		285 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nexipayments.tt.omtrdc.net/rest/v1/delivery?client=nexipayments&sessionId=d17e959ab05d4620aa5902c3d4aa35fa&version=2.6.1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9dd8bdfc74c3/cd37bd923e2c/launch-a40afd213c32.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.52.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-52-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a350e78fd9b313bc32acecaad9f517a4b691dde15c55bb4b116a64f577ec127e

Request headers

Referer
https://www.nexi.it/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nexi.it
date
Sun, 05 Dec 2021 09:22:31 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id
c23536cd4d66249e684fd1b042615d32
content-type
application/json;charset=UTF-8
cxbus.min.js
apps.mypurecloud.ie/widgets/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.mypurecloud.ie/widgets/cxbus.min.js
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/etc/designs/nexi/clientlib-node/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.204.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-204-30.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3dad359622e49b9eb4ee7e71d2d7bedfbcc2684f15b11caa1698e4ba1a7fb4a3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:31 GMT
content-encoding
gzip
last-modified
Wed, 24 Nov 2021 13:11:09 GMT
server
nginx
x-amz-request-id
QZM26DYTND7JXRHG
etag
"8ec62b8bd440599b6643a8fa341e97e7"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
6934
x-amz-version-id
TvOhTh2WNhC4y3CLDikqkkG7jrlZQp95
x-amz-id-2
4SBIi95ob6YN7WA0aPQxLsk1twe/hfesqOul8KXxOaufnZgdp8XyB8L6QoAWg4MehBlOAPKvr2E=
it.navs.json
www.nexi.it/content/nexi/ 		76 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/content/nexi/it.navs.json?_=1638696151076
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/etc/designs/nexi/clientlib-node/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
24ca00b3b49493db7789f48419bff878ddfa28d637ab5e4019c43ed3c56a712b

Request headers

Accept
*/*
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
X-Requested-With
XMLHttpRequest
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Dec 2021 14:56:57 GMT
ETag
"1315f-5d23f1e53aad7-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/json
Keep-Alive
timeout=5, max=99
Content-Length
16875
hero_sicurezza_priv_desk.jpg
www.nexi.it/content/dam/nexi/img/privati/sicurezza/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nexi.it/content/dam/nexi/img/privati/sicurezza/hero_sicurezza_priv_desk.jpg
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
e5d78fb115587b91494b0f7be10689d5dbf1116ba149c0a07d371f5b1f387338

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:31 GMT
Last-Modified
Wed, 01 Dec 2021 18:20:25 GMT
ETag
"1e124-5d219ba4ab241"
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=94
Content-Length
123172
recaptcha__it.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 		345 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a9832e8fbf9271704a38054b70a3623cc10a16404d01d23133ea1708c470f28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nexi.it/
Origin
https://www.nexi.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 17:20:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
489708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138464
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Tue, 29 Nov 2022 17:20:43 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1284
date
Sun, 05 Dec 2021 09:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 05 Dec 2021 11:01:07 GMT
hotjar-653229.js
static.hotjar.com/c/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-653229.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
57c0e7bb91f951c94377ffa60be316e17062e359a7890f2c09ed731f64225f7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:21:53 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
38
etag
W/9bad8e0da2c51436effd8c965618f871
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
6GiUrPWBEc4Wz24prkD5eRm8Ta2nEk8h3iL0LtZuQCVa4Y1U7njumw==
via
1.1 985c0b2ec44bdebc7f24f26d1e427d31.cloudfront.net (CloudFront)
trace
www.cloudflare.com/cdn-cgi/ 		287 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloudflare.com/cdn-cgi/trace?_=1638696151077
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/etc/designs/nexi/clientlib-node/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7c60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d8cc59ec821ca13b88e779284d2bc179133b4f95e8fd6bb04aa21f4cb78648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Referer
https://www.nexi.it/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
6b8c35e07ce55a19-MXP
expires
Thu, 01 Jan 1970 00:00:01 GMT
retrieve-cookie-policy
www.nexi.it/api/services/nexi-utilities-service/prelogin/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/api/services/nexi-utilities-service/prelogin/retrieve-cookie-policy
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/etc/designs/nexi/clientlib-node/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
34e867f822ed56cf3e43a85e1fe9643e5af31de094772a37e13d6d93d3c14d5b

Request headers

pragma
no-cache
cache-control
no-cache
Accept-Language
it-IT,it;q=0.9
Locale
it
Env
PRODUCTION
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
cookie-origin
https://www.nexi.it
X-Requested-With
XMLHttpRequest
Application
pp
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Channel
web
Client-Version
web

Response headers

Date
Sun, 05 Dec 2021 09:22:30 GMT
Content-Encoding
gzip
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Access-Control-Allow-Origin
https://www.nexi.it
Access-Control-Allow-Credentials
true
Content-Type
application/json;charset=UTF-8
Content-Length
950
X-Application-Context
zuul-gateway:production:4000
chat.conf.js
www.nexi.it/etc/designs/nexi/styles/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/etc/designs/nexi/styles/chat.conf.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
cccc8a31cb674d6ab7649ba7ac577b2807465200d4265382b9716e487d550c6a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:45 GMT
ETag
"1687-5d2199095b5da-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5, max=93
Content-Length
1965
modules.909c20fd8721306b1fa9.js
script.hotjar.com/ 		226 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.909c20fd8721306b1fa9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-653229.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
1ac32752b35d7d19ab735f0e9aa200625f0cda0d3a59f5a067e51116c2a43707
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
235765
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
60677
access-control-allow-origin
*
last-modified
Thu, 02 Dec 2021 15:52:57 GMT
etag
"10fcc57bdff3ad7a3c23c5903b8e57c8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
LkOqbh1RS_6JRP_9dMm3uzi0bIYhHdsYm-q0lVQSCruuO7KWGCkkNg==
collect
www.google-analytics.com/j/ 		2 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1983305069&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nexi.it%2Fprivati%2Fservizi%2Fsicurezza.html%3Futm_source%3Dcvm_iss%26utm_term%3D%26utm_content%3D183936%26utm_id%3Dd163139d-4245-471d-b1e2-9e13089c71bd%26sfmc_id%3D58264014%26sfmc_activityid%3De8307331-c3a6-4806-a859-abf9db24ab96%26utm_medium%3Ddem%26utm_campaign%3DCAMP10557_Paysmart_Phishing&dr=&ul=en-us&de=UTF-8&dt=Servizi%20informativi%20e%20di%20sicurezza%20per%20titolari%20di%20carte%20di%20credito%20%7C%20Nexi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=253665424&gjid=996149124&cid=2139462574.1638696151&tid=UA-3681719-1&_gid=1064406500.1638696151&_r=1&gtm=2wgc10MVCHKSD&cd36=not%20accepted&cd37=not%20accepted&cd48=0&cd59=1&cd63=0&cd67=GTM-MVCHKSD&cd68=navigate&cd69=new&cd70=0&cd71=1&cd72=1ec3bfdd-dced-4808-a340-12233a05d6a0&z=1074166542
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nexi.it/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Dec 2021 09:22:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nexi.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
widgets-core.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/ 		374 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/widgets-core.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.220.208 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-220-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
277d580f0cd80ebd1c02fd14e1112aee45d6c3f1deb38dbfd0e8bef970f56c2f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:31 GMT
content-encoding
gzip
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
x-amz-request-id
DMSPPWQ5CDKRJ54T
etag
"c628f4a51576c80a45e13461dd41bb65"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
115520
x-amz-version-id
sNSaqInlZw24bK6kxbMy6zRCGNOYx6Jg
x-amz-id-2
mn/Ssm67h3KycllerAYwQ7SGNOIHlXTueiKzZoUPzlYILYF7G3exExgXRbIFtO1QAeyUGnixk6E=
box-a1ae2079824d1c48aa9ce06efb256f18.html
vars.hotjar.com/ Frame 5186 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-653229.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/

Response headers

content-type
text/html
content-length
1044
date
Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6215abf691a11c2f451680e635d30daa"
last-modified
Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 b47ba5841a54cf2d19fc521c78e94515.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
4OLjYB83cD9h4TibCcQhtT8yNVOoDq0Nb67cWQTt-yCloAr6fMZ5cA==
age
235765
s16739566861946
nexipayments.sc.omtrdc.net/b/ss/nexipayments.production/1/JS-2.22.1-LBWB/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexipayments.sc.omtrdc.net/b/ss/nexipayments.production/1/JS-2.22.1-LBWB/s16739566861946?AQB=1&ndh=1&pf=1&t=5%2F11%2F2021%209%3A22%3A31%200%200&sdid=13A69C82A2D840F3-41959F5C30E4BEB4&mid=48405898188238035390709072137214979235&aamlh=6&ce=UTF-8&pageName=%2Fprivati%2Fservizi%2Fsicurezza.html&g=https%3A%2F%2Fwww.nexi.it%2Fprivati%2Fservizi%2Fsicurezza.html%3Futm_source%3Dcvm_iss%26utm_term%3D%26utm_content%3D183936%26utm_id%3Dd163139d-4245-471d-b1e2-9e13089c71bd%26sfmc_id%3D58264014%26sfmc_activityid%3De8307331-c3a6-4806-a859-abf9db24ab96%26utm_medium%3Ddem%26utm_campaign%3DCAMP10557_Pays&cc=EUR&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v4=%2Fprivati%2Fservizi%2Fsicurezza.html&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=mart_Phishing%23phishing&mcorgid=6A724E255ED5F2A60A495E0E%40AdobeOrg&AQE=1
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:31 GMT
x-content-type-options
nosniff
x-c
main-1542.If2e2aa.M0-523
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 06 Dec 2021 09:22:31 GMT
server
jag
xserver
anedge-6988cccb6f-bdbmq
etag
3519073188664377344-4619792532001620976
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sat, 04 Dec 2021 09:22:31 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3681719-1&cid=2139462574.1638696151&jid=253665424&gjid=996149124&_gid=1064406500.1638696151&_u=YEBAAEAAAAAAAC~&z=286497099
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nexi.it/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 05 Dec 2021 09:22:31 GMT
content-type
text/plain
access-control-allow-origin
https://www.nexi.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/653229/ 		146 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/653229/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.909c20fd8721306b1fa9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.159.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-159-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87

Request headers

Referer
https://www.nexi.it/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sun, 05 Dec 2021 09:22:31 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3681719-1&cid=2139462574.1638696151&jid=253665424&_u=YEBAAEAAAAAAAC~&z=2128580264
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Dec 2021 09:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3681719-1&cid=2139462574.1638696151&jid=253665424&_u=YEBAAEAAAAAAAC~&z=2128580264
Requested by
Host: www.nexi.it
URL: https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Dec 2021 09:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widgets-it.i18n.json
www.nexi.it/etc/designs/nexi/styles/ 		21 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nexi.it/etc/designs/nexi/styles/widgets-it.i18n.json
Requested by
Host: apps.mypurecloud.com
URL: https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/widgets-core.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
dbc7c58cfeaa2788d635f1604ed141bdcd24c08ad0180cb8c2f437010c30c7d5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nexi.it/privati/servizi/sicurezza.html?utm_source=cvm_iss&utm_term=&utm_content=183936&utm_id=d163139d-4245-471d-b1e2-9e13089c71bd&sfmc_id=58264014&sfmc_activityid=e8307331-c3a6-4806-a859-abf9db24ab96&utm_medium=dem&utm_campaign=CAMP10557_Paysmart_Phishing
X-Requested-With
XMLHttpRequest
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 09:22:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 18:08:49 GMT
ETag
"54be-5d21990dc7e8e-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/json
Keep-Alive
timeout=5, max=90
Content-Length
7391
webchat.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/ 		120 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchat.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.220.208 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-220-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7868fcedcf56c4b7b929da3bb3738c2476aaa349498103b7ac308c3724f2efb8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:32 GMT
content-encoding
gzip
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
x-amz-request-id
KRQ7W67NVKD4ABZ9
etag
"48cbcd6f99f8f2301f9835cd67756e27"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
32958
x-amz-version-id
I8r9IWjlAwme6kGXcvwZtThDXcvWYQhV
x-amz-id-2
XY5jlPes9RgPyjSL5fqftlGNWxOLwfFNVKJUdIqU5981JSJWCAnjpa9B4SOUSg3M9HtZkHaFnK8=
richmediabridge.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/ 		77 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/richmediabridge.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.220.208 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-220-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9f0f857a31f056484b7a7a6486f84a2b8bc7fd551e825e968d2527f1bd28677c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:32 GMT
content-encoding
gzip
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
x-amz-request-id
KRQF512G7AF3H0Q7
etag
"9b37619d557157ff17bf07ccbbdd37ee"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
22301
x-amz-version-id
IMIicDamFGxbMPKPpl8uycurEy7omy_h
x-amz-id-2
Y5+piPRqRCBKMQuhXm6igrd52eR3YjO1eT36c565ym51N1M/aD9O7Pi9MJZPiVcDc1OHXzOhKtU=
webchatservice.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/ 		649 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchatservice.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.220.208 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-220-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f088650e838facc2134a418e8b0a1f1e4ec30a593ab24c56d91a7281ff7df1c4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:32 GMT
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
x-amz-request-id
WJ2PA6CN0C3YX95N
etag
"4877fdb51b5ae81b286e1b6e2fde69ff"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
649
x-amz-version-id
jJfv2IEwbzrhl82XxQczlICOAZExJG96
x-amz-id-2
GQ3JLgMlH4ArgDbsRjTblMwdo+MJ1wRjlJZOrGemGpcLBc+OqazhcchyQ3Wwe5rerY+qlLQ8VRU=
webchatservicelegacy.mod.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/ 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchatservicelegacy.mod.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.220.208 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-220-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d05b19db324ae8ce48fdda064c33ba463f3bcdd20117552b4e9a019e89fdd63d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nexi.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 09:22:32 GMT
content-encoding
gzip
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
x-amz-request-id
BCD8Y57590KF7CNC
etag
"0984a5d27e9f5a159c17e72ccbe996a0"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
19515
x-amz-version-id
Bb4kSLxGmNMKUSTFexpQJZT8immlY.DW
x-amz-id-2
cjLxuuMdJHZIkMv+CccBZx77H2XcFYuo8GVBMQfHoesVC4HtO33cvFVZM+rYkpTclBBXbdx2iS0=

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| $ function| jQuery boolean| wcmmode_disabled object| htmlBoxFunctionsArray object| resources function| enableFaqSelect function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| regeneratorRuntime function| Swiper object| sessionStores object| Modernizr object| picturefillCFG function| picturefill object| browser boolean| cancellable function| getNavs function| scrollToElement object| chatUtilities function| gRecaptchaCallBack function| gRecaptchaExpiredCallBack function| gRecaptchaSubmit object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| onYouTubeIframeAPIReady object| _cookieLawObj function| ownKeys function| _objectSpread function| _defineProperty function| _createForOfIteratorHelper function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles object| MOBILE_REGEX_ONE object| MOBILE_REGEX_TWO number| EXPIRATION_TIME string| INSTALLED_DOMAIN string| COOKIE_DOMAIN string| COOKIE_TITLE_1 string| COOKIE_TITLE_2 string| COOKIE_TITLE_3 object| COOKIE_LIST string| BANNER_TEMPLATE string| COOKIE_NAME string| API_REST_BE string| ENV string| APPLICATION string| COOKIE_POLICY_VERSION string| LANG string| COOKIE_LENGHT string| COOKIE_CONSENT string| COOKIE_ACCEPT string| COOKIE_DECLINE string| COOKIE_MONTH string| COOKIE_CONSENT_TYPE object| cookieLawObj function| loadjQuery function| inheritMethod function| startingHeight object| navs function| webpackHotUpdate object| CXBus object| recaptcha object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaGlobal object| gaData object| _genesys object| _gt object| s_i_nexipayments.production function| widgetsJsonpFunction

22 Cookies

Domain/Path Name / Value
.www.nexi.it/CHP/api/services/nexi-utilities-service/prelogin Name: wpamm_cookie
Value: 21150196839150689293350000000000000000000000
www.nexi.it/CHP/api/services/nexi-utilities-service/prelogin Name: TS0154e360
Value: 0101a8acbe8bbb8646a307712e60198abc293a9e4888747b4d17e581f6ce8798833c1442a6381ca459853d0849c66273a1e29e816c5c7bc36343a33cfdf1953f6a8b1f0ce62513c2860fafda514a96736752c580d3
.nexi.it/ Name: lb_cookie2
Value: "e95dd24d2a20cd314b2b92c4c0cce535c2cd1038c668e515a39b2e6e93f5e9ad settimo"
.nexi.it/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 54028521376906148280000231953962672668
.nexi.it/ Name: AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YayE1wAAAGeKAgQz
.nexi.it/ Name: mbox
Value: session#d17e959ab05d4620aa5902c3d4aa35fa#1638698012|PC#d17e959ab05d4620aa5902c3d4aa35fa.37_0#1701940952
www.nexi.it/ Name: lb_cookie
Value: rd7o00000000000000000000ffff0a0a0106o8443
.dpm.demdex.net/ Name: dpm
Value: 54028521376906148280000231953962672668
.www.nexi.it/ Name: TS01a05a0f
Value: 0101a8acbe3f1a1cb39ef4d9a81cd4d3db3f477cfd88747b4d17e581f6ce8798833c1442a6381ca459853d0849c66273a1e29e816c72937631fd7c5ec20eb6ca95ed26994a
.nexi.it/ Name: _ga
Value: GA1.2.2139462574.1638696151
.nexi.it/ Name: _gid
Value: GA1.2.1064406500.1638696151
.nexi.it/ Name: _gat_UA-3681719-1
Value: 1
.nexi.it/ Name: AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C18967%7CMCMID%7C48405898188238035390709072137214979235%7CMCAAMLH-1639300951%7C6%7CMCAAMB-1639300951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1638703351s%7CNONE%7CMCSYNCSOP%7C411-18974%7CvVersion%7C5.2.0
.nexi.it/ Name: s_cc
Value: true
.nexi.it/ Name: _hjSessionUser_653229
Value: eyJpZCI6ImE4ZWM5ODU4LTg5OTAtNWNjMC04YmFhLWY5MWQzNjE4ZGQ5ZiIsImNyZWF0ZWQiOjE2Mzg2OTYxNTE1NTMsImV4aXN0aW5nIjpmYWxzZX0=
.nexi.it/ Name: _hjFirstSeen
Value: 1
.nexi.it/ Name: _hjSession_653229
Value: eyJpZCI6Ijc1ZGYzZmJlLTY1MWYtNGQ2Zi1iMWIxLTRmZTA4NjFiYjliYiIsImNyZWF0ZWQiOjE2Mzg2OTYxNTE1Nzh9
www.nexi.it/ Name: _hjIncludedInPageviewSample
Value: 1
.nexi.it/ Name: _hjAbsoluteSessionInProgress
Value: 0
www.nexi.it/ Name: _hjIncludedInSessionSample
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.mypurecloud.com
apps.mypurecloud.ie
assets.adobedtm.com
click.message.nexi.it
cm.everesttech.net
dpm.demdex.net
in.hotjar.com
nexipayments.demdex.net
nexipayments.sc.omtrdc.net
nexipayments.tt.omtrdc.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.cloudflare.com
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
www.gstatic.com
www.nexi.it
13.36.218.177
161.71.96.178
18.66.139.28
18.66.97.49
185.198.118.126
2606:4700::6810:7c60
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2008
2a00:1450:4001:829::200e
2a00:1450:4001:830::2004
2a00:1450:400c:c06::9d
2a02:26f0:6c00:28a::1e80
34.249.52.209
34.250.204.30
34.252.195.31
52.222.236.74
54.165.220.208
54.194.191.134
54.75.159.38
63.32.69.142
04410889c5251ebffe51063822311d828830abd030f73b6cdb5777e5b3238cb3
0696904b24ea3bdaf9ee857ded71391ccd44d40b84334571a5c5e71f93b4a0c6
0a6860b639d3f65209ac59599c26f7027aef515187c186b306a2e07c2c32e338
1ac32752b35d7d19ab735f0e9aa200625f0cda0d3a59f5a067e51116c2a43707
1ad072044ca60b518b7d0ef3f5322d45ba4457b1db8a02c6768c9708e451a503
24ca00b3b49493db7789f48419bff878ddfa28d637ab5e4019c43ed3c56a712b
251361a98419c844891c6feb5d99f2a3bb8a29f5ac8de705c1ecfa4761355445
277d580f0cd80ebd1c02fd14e1112aee45d6c3f1deb38dbfd0e8bef970f56c2f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
34e867f822ed56cf3e43a85e1fe9643e5af31de094772a37e13d6d93d3c14d5b
37e18042907560da2dc851e4958ccf7d6d52ff930cadc7607956110fd796fe5c
3964a9a49a0aee59c77f05bfe9b36b058168e19c620bc91bd397f34e4d4fa378
3dad359622e49b9eb4ee7e71d2d7bedfbcc2684f15b11caa1698e4ba1a7fb4a3
4061275193aa1a5245941f7768b307219fc0f86f44dc1cf4d293168b93a72259
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87
57c0e7bb91f951c94377ffa60be316e17062e359a7890f2c09ed731f64225f7f
5a9832e8fbf9271704a38054b70a3623cc10a16404d01d23133ea1708c470f28
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
64bd630638e6a2b9c5b24794fa59e50a6c3cfa58b45b1faae97f03aae3cf4612
64e35e6e3e1969550eda7af80ded7e8e7ffdc15dd6a2bfdc4ed9bf1cb82cc762
78546b7f2e21f9a1f3764722cb9879f86ebddf932d89a3445d74e6f6edd8690c
7868fcedcf56c4b7b929da3bb3738c2476aaa349498103b7ac308c3724f2efb8
790272db4f81bd54720506a836a513fb2ef6520b5227ce392be7c1dac52f4621
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8a328eaf97de4600f72891d5658426d62b7afff1cc12667968e8db621a38322c
8f31662ee0ad05c232bc167e932a9b4797eb205e952353cab6341028154f6659
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84
96d183b5add7ddf4ce9e2bc7e3964c602a50243c7aec67b4861099145259ee9c
96d8cc59ec821ca13b88e779284d2bc179133b4f95e8fd6bb04aa21f4cb78648
9d5561168bc5217052472bfbc6399e2e47b91d83881579cb46fbf6ed719b8088
9f0f857a31f056484b7a7a6486f84a2b8bc7fd551e825e968d2527f1bd28677c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a350e78fd9b313bc32acecaad9f517a4b691dde15c55bb4b116a64f577ec127e
ade827343407a2a81168acb91cabc1ed7d83de7010966dd1b7f06f4e0344b9e6
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b63748ae71499a79986c35bac6fc7bbdc1d7bce952581785927d0058837549cf
bbc5d54b9924e9aab4c878ab2396b91093be26f8d2b3baf5b978439ceb859fe1
beb93387f288c057e130e0301d59824aa12d6a79d07d970dce938b40cacdae5f
c37a1253313f01ecf7b8d5ac83025a8059d161d955ecbe5254c99d4edf6989fc
c6bcefcac3a3e1f7c5669b4dc0751d5301cdf6c04c651074e54b08a9306b57be
c96d6c44d50646e4096806c2f0ba110954d52f55150d7b34d0d7ba6872486266
cccc8a31cb674d6ab7649ba7ac577b2807465200d4265382b9716e487d550c6a
d05b19db324ae8ce48fdda064c33ba463f3bcdd20117552b4e9a019e89fdd63d
d1700915fc4144972b88e8a2d733e1bd5cfbc8ab94f91750878fa096e3d00903
d174a8eddf55d6543e19f6bbc7ed997682871695506bfee71e6a8e10d134d80a
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
dbc7c58cfeaa2788d635f1604ed141bdcd24c08ad0180cb8c2f437010c30c7d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e5d78fb115587b91494b0f7be10689d5dbf1116ba149c0a07d371f5b1f387338
ec38a7e65969ef0b1b4e200c9da6432906fd95aca5813ad64b71c0ade5c97eea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f088650e838facc2134a418e8b0a1f1e4ec30a593ab24c56d91a7281ff7df1c4
f66d61bcba2b49bd0e05c63c536b8ab85b808800ccfc682f0d886b9ed86c8996
f81ab3f56a7c5008085220f155f09ff48fcbc5d859f7d6a7561457be1c72bf1e