Submitted URL: http://checkout.nexi.de/
Effective URL: https://www.nexi.de/de/online-handel/ecommerce
Submission Tags: @ecarlesi possiblethreat
Submission: On December 31 via api from IT — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 27 HTTP transactions. The main IP is 185.198.117.126, located in Italy and belonging to Nexi-as Nexi Payments S.P.A., IT. The main domain is www.nexi.de.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on May 16th 2024. Valid for: a year.
This is the only time www.nexi.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:320... 13335 (CLOUDFLAR...)
12 185.198.117.126 35051 (Nexi-as N...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:26e... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3.161.82.55 16509 (AMAZON-02)
1 142.250.185.66 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
27 9
Apex Domain
Subdomains
Transfer
13 nexi.de
checkout.nexi.de
www.nexi.de
399 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
446 KB
3 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 3812
cdn.acsbapp.com — Cisco Umbrella Rank: 4086
141 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4542
175 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
31 KB
27 7
Domain Requested by
12 www.nexi.de www.nexi.de
5 www.googletagmanager.com www.nexi.de
www.googletagmanager.com
3 sdk.privacy-center.org www.nexi.de
sdk.privacy-center.org
2 region1.google-analytics.com www.googletagmanager.com
2 cdn.acsbapp.com acsbapp.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 acsbapp.com www.nexi.de
1 ajax.googleapis.com www.nexi.de
1 checkout.nexi.de 1 redirects
27 9
Subject | Issuer | Validity | Valid
www.nexi.de | GlobalSign RSA OV SSL CA 2018 | 2024-05-16 - 2025-06-17 | a year
upload.video.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.google-analytics.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.privacy-center.org | Amazon RSA 2048 M03 | 2024-03-10 - 2025-04-07 | a year
acsbapp.com | WE1 | 2024-12-14 - 2025-03-14 | 3 months
*.g.doubleclick.net | WR2 | 2024-12-02 - 2025-02-24 | 3 months

This page contains 2 frames:

Primary Page: https://www.nexi.de/de/online-handel/ecommerce
Frame ID: FDB110000D4626C0C607954E494064DC
Requests: 26 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.nexi.de
Frame ID: F10AEF5714C01BD34AB7F106ADD77E85
Requests: 1 HTTP requests in this frame

Page Title

Seite konnte nicht gefunden werden | Nexi

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

70 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

1191 kB
Transfer

3843 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://checkout.nexi.de/ HTTP 307
    https://checkout.nexi.de/ HTTP 301
    https://www.nexi.de/de/online-handel/ecommerce Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ecommerce
www.nexi.de/de/online-handel/
Redirect Chain
  • http://checkout.nexi.de/
  • https://checkout.nexi.de/
  • https://www.nexi.de/de/online-handel/ecommerce
17 KB
18 KB
Document
General
Full URL
https://www.nexi.de/de/online-handel/ecommerce
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
a47b5fb3be31a5945bc96ae366e9490496d59640ab07609a7b34614412b3e821
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Dec 2024 09:15:17 GMT
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Vary
Origin
X-Frame-Options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=120
cf-ray
8fa92a05ef5e9f34-FRA
content-length
0
content-security-policy
upgrade-insecure-requests
date
Tue, 31 Dec 2024 09:15:16 GMT
location
https://www.nexi.de/de/online-handel/ecommerce
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-hs-mapping-id
80006333415
x-hs-mapping-only-after-not-found
no
x-hs-prerendered
Wed, 25 Dec 2024 09:16:23 GMT
x-hs-route-prefix
http://checkout.nexi.de
clientlib-site.lc-1731514382214-lc.min.css
www.nexi.de/etc.clientlibs/nexinew/clientlibs/
357 KB
53 KB
Stylesheet
General
Full URL
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc.min.css
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/de/online-handel/ecommerce
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
d948727fda96cdebbc59fa7e754cd1feeafae39e59f6f286d33abf1083aa8ce2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/de/online-handel/ecommerce

Response headers

Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=300, public
Content-Encoding
br
ETag
"59547-626da4ff00411-br"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53795
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Date
Tue, 31 Dec 2024 09:15:17 GMT
Content-Type
text/css
Last-Modified
Thu, 14 Nov 2024 07:22:26 GMT
Vary
Accept-Encoding,Origin
X-Frame-Options
SAMEORIGIN
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/de/online-handel/ecommerce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

content-encoding
gzip
age
333753
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 12:32:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 12:32:44 GMT
last-modified
Fri, 08 May 2020 07:05:03 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31021
x-xss-protection
0
server
sffe
nexi-logo-white.svg
www.nexi.de/content/dam/nexinew/icone/
2 KB
2 KB
Image
General
Full URL
https://www.nexi.de/content/dam/nexinew/icone/nexi-logo-white.svg
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/de/online-handel/ecommerce
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/de/online-handel/ecommerce

Response headers

Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=300, public
Content-Encoding
br
ETag
"72c-626da50d13a08-br"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
772
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Date
Tue, 31 Dec 2024 09:15:17 GMT
Content-Type
image/svg+xml
Last-Modified
Thu, 14 Nov 2024 07:22:40 GMT
Vary
Accept-Encoding,Origin
X-Frame-Options
SAMEORIGIN
nexi-logo-dark.svg
www.nexi.de/content/dam/nexinew/icone/
2 KB
2 KB
Image
General
Full URL
https://www.nexi.de/content/dam/nexinew/icone/nexi-logo-dark.svg
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/de/online-handel/ecommerce
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/de/online-handel/ecommerce

Response headers

Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=300, public
Content-Encoding
br
ETag
"8fa-626da4f9a9dd0-br"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
892
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Date
Tue, 31 Dec 2024 09:15:17 GMT
Content-Type
image/svg+xml
Last-Modified
Thu, 14 Nov 2024 07:22:20 GMT
Vary
Accept-Encoding,Origin
X-Frame-Options
SAMEORIGIN
clientlib-site.lc-1731514382214-lc.min.js
www.nexi.de/etc.clientlibs/nexinew/clientlibs/
703 KB
184 KB
Script
General
Full URL
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc.min.js
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/de/online-handel/ecommerce
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
cacc37d4381b8c5bd59d9b041acf376e362a41d475d47abd9a5c762abd3cab7c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/de/online-handel/ecommerce

Response headers

Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=300, public
Content-Encoding
gzip
ETag
"afb9d-626da598bd1ff-gzip"
Connection
keep-alive
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Date
Tue, 31 Dec 2024 09:15:17 GMT
Content-Type
application/javascript
Last-Modified
Thu, 14 Nov 2024 07:25:07 GMT
Vary
Accept-Encoding,Origin
X-Frame-Options
SAMEORIGIN
gtm.js
www.googletagmanager.com/
418 KB
125 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/de/online-handel/ecommerce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ddcbb9c97d3c3dd0422e063ac55818c5df6a4974fc40338865f0214140bd338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 31 Dec 2024 09:15:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 09:15:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 31 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
127592
x-xss-protection
0
server
Google Tag Manager
loader.js
sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/
54 KB
20 KB
Script
General
Full URL
https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=www.nexi.de
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/de/online-handel/ecommerce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b21af77188037096d0e6f3d27559b2ad57526d3cacc8706289cba12169c2bbbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

content-encoding
br
etag
W/"554180776efb7aaee2c59674ad988b9f"
age
3012
x-amzn-requestid
69794d86-3319-4f69-a8c9-641a3c7d775f
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
RJ3mHPkumHhgOKtR2Co2qPB8vOEDAbtasqdz2pxETFsWED2RA_p2PQ==
date
Tue, 31 Dec 2024 08:25:05 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=7200, public
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:true
x-amzn-trace-id
Root=1-6767c380-35ee537d1acd646d6c2c6063;Parent=5c8589a1907bb490;Sampled=0;Lineage=1:eaae1266:0
via
1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront)
x-didomi-configs-version
113
x-amz-cf-pop
FRA56-P10
app.js
acsbapp.com/apps/app/dist/js/
480 KB
140 KB
Script
General
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/de/online-handel/ecommerce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f701dda1d09b6825359682ae1882cb36198d3baf1d0cb962fe75e623a2e01eb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

x-goog-metageneration
3
access-control-expose-headers
*
x-goog-hash
crc32c=ufiHjw==, md5=a2WRX0RoRqmAgQzUaSFrPA==
cf-cache-status
REVALIDATED
etag
W/"6b65915f446846a980810cd469216b3c"
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Wed, 31 Dec 2025 09:15:17 GMT
x-goog-stored-content-length
491895
date
Tue, 31 Dec 2024 09:15:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 30 Dec 2024 17:51:02 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5ytim4ilYJ-iUAvA1Ks5-9LIAeWAD2Ym06MeV0h3hB_th_gYkWCTEirLDnPlv2yfe6xGVqz9Y
cache-control
public, max-age=300, must-revalidate
x-goog-storage-class
STANDARD
cf-ray
8fa92a093d2b8f30-FRA
access-control-allow-origin
*
x-goog-generation
1735581062592623
server
cloudflare
NexiSans-Regular-79bbfd7f42d2ed9c5fda.woff
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/
35 KB
36 KB
Font
General
Full URL
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/NexiSans-Regular-79bbfd7f42d2ed9c5fda.woff
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
a095658dd85cefb8c1edc79dc582c86da9fcee16e00585fc28efe2b4e81975d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.nexi.de
Referer
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc.min.css

Response headers

Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=300, public
ETag
"8d64-626da4f9c947d"
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://www.nexi.de
Content-Length
36196
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Date
Tue, 31 Dec 2024 09:15:17 GMT
Content-Type
font/woff
Last-Modified
Thu, 14 Nov 2024 07:22:20 GMT
Vary
Origin
X-Frame-Options
SAMEORIGIN
NexiSans-Medium-29918422b8ec0c13290c.woff
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/
37 KB
38 KB
Font
General
Full URL
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/NexiSans-Medium-29918422b8ec0c13290c.woff
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
a60d70df66be1919e0800326c895379b33fb0d6680750f3aa3e8627116feda3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.nexi.de
Referer
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc.min.css

Response headers

Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=300, public
ETag
"9398-626da4ff4fb1f"
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://www.nexi.de
Content-Length
37784
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Date
Tue, 31 Dec 2024 09:15:17 GMT
Content-Type
font/woff
Last-Modified
Thu, 14 Nov 2024 07:22:26 GMT
Vary
Origin
X-Frame-Options
SAMEORIGIN
nexinew-5ff126ecb882481c19f4.ttf
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/
23 KB
24 KB
Font
General
Full URL
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/nexinew-5ff126ecb882481c19f4.ttf?5goiff
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
6d745bd1bb70f5c553672397868f0dc9ccd3146b0ab1e4ca375daa33700d677f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.nexi.de
Referer
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc.min.css

Response headers

Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=300, public
ETag
"5c00-626da4f159486"
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://www.nexi.de
Content-Length
23552
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Date
Tue, 31 Dec 2024 09:15:17 GMT
Content-Type
font/ttf
Last-Modified
Thu, 14 Nov 2024 07:22:11 GMT
Vary
Origin
X-Frame-Options
SAMEORIGIN
sdk.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js
sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/
375 KB
96 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/sdk.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=www.nexi.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac3fc470444e6c43074861393a5b8330469579b84f3ea27f93330bd752e589ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"21a1586bc1c99eb67d069773f0c262e4-1"
age
1190813
via
1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
04xwXGR1dsK_gJ5MjKnDUpz1YFiodXk1eUG-EC3dclAWq7UtwshEdw==
date
Tue, 17 Dec 2024 14:28:25 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 17 Dec 2024 14:28:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
ui-web-en-web.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js
sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/
266 KB
59 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/ui-web-en-web.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/sdk.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.82.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b1386e49d9d4ecd4aefd8a6af105e55e91510efd913b7d5b566e9968717c2e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"57d48ca3fe9d1dd6ab7646282274d231-1"
age
1190798
via
1.1 098a60d50e7e132c276fd27b94c6212c.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
TNeqPkC7uEu9LCns-ke-HErfeGMclM5bvkTaA5PCUuLOR8RHG3wNZQ==
date
Tue, 17 Dec 2024 14:28:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 17 Dec 2024 14:28:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/
422 KB
135 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZC6C4GYW78&l=dataLayer&cx=c&gtm=45He4cc1v9105342857za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8c96cff7369c09aef0953d9b6a0cfc412caa4c6df6c18fc314c1bb2cd192a4c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 31 Dec 2024 09:15:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 09:15:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137866
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
262 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-808584846&l=dataLayer&cx=c&gtm=45He4cc1v9105342857za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
031a4ebf9d30daff0298c468b67cfdf298c7d7d4a36e9c2e49e086c9501e5916
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 31 Dec 2024 09:15:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 09:15:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 31 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94807
x-xss-protection
0
server
Google Tag Manager
collect
pagead2.googlesyndication.com/ccm/
0
0
Ping
General
Full URL
https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.nexi.de%2Fde%2Fonline-handel%2Fecommerce&scrsrc=www.googletagmanager.com&frm=0&rnd=112709143.1735636517&navt=n&npa=1&gtm=45He4cc1v9105342857za200&gcs=G100&gcd=13p3p3p2p5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735636517448&tfd=741&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

destination
www.googletagmanager.com/gtag/
262 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-808584846&l=dataLayer&cx=c&gtm=45He4cc1v9105342857za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d93fc3d3e72a680fd8cab9a674cc47a3ae40685fd1d751aea4c47103746f3d1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 31 Dec 2024 09:15:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 09:15:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 31 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94801
x-xss-protection
0
server
Google Tag Manager
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame F10A
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.nexi.de
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
248507
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Dec 2024 12:13:30 GMT
expires
Sun, 28 Dec 2025 12:13:30 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
622-d3e9bd2b1edfbf57bdab.js
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/chunks/
4 KB
2 KB
Script
General
Full URL
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/chunks/622-d3e9bd2b1edfbf57bdab.js
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
61615468365911d6594b324b9c2d02e665d7ddbd628d72d1abe07c6df7781ff1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/de/online-handel/ecommerce

Response headers

Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=300, public
Content-Encoding
gzip
ETag
"105e-626da516c2019-gzip"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1538
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Date
Tue, 31 Dec 2024 09:15:17 GMT
Content-Type
application/javascript
Last-Modified
Thu, 14 Nov 2024 07:22:51 GMT
Vary
Accept-Encoding,Origin
X-Frame-Options
SAMEORIGIN
config.json
cdn.acsbapp.com/config/nexi.de/
127 B
489 B
Fetch
General
Full URL
https://cdn.acsbapp.com/config/nexi.de/config.json?page=%2Fde%2Fonline-handel%2Fecommerce
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

access-control-expose-headers
*, Cache-Control, Content-Length, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=300, must-revalidate
content-encoding
br
cf-cache-status
MISS
cf-ray
8fa92a0bbb794d3d-FRA
expires
Tue, 31 Dec 2024 09:15:17 GMT
access-control-allow-origin
*
date
Tue, 31 Dec 2024 09:15:17 GMT
content-type
application/xml; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-guploader-uploadid
AFiumC7reZ8xECfJ7hob6NTYpbl8b6q_0VU3Ly_aCTlHkx6f4mm55SgSRQRIdh1dZgIKaHHr
NexiSans-Bold-5f436d49a370dd50740a.woff
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/
36 KB
37 KB
Font
General
Full URL
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/nexinew/assets/NexiSans-Bold-5f436d49a370dd50740a.woff
Requested by
Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
852595ef732e97a26a2a76dd452e9f99210e436292663387d3cf1eb24ff513e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.nexi.de
Referer
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc.min.css

Response headers

Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=300, public
ETag
"90bc-626dae6097413"
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://www.nexi.de
Content-Length
37052
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Date
Tue, 31 Dec 2024 09:15:17 GMT
Content-Type
font/woff
Last-Modified
Thu, 14 Nov 2024 08:04:24 GMT
Vary
Origin
X-Frame-Options
SAMEORIGIN
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZC6C4GYW78&gtm=45je4cc1v9119449089z89105342857za200zb9105342857&_p=1735636517195&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dMTc4Zm&ir=0&tt=external&ul=de&cid=66728903.1735636518&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1735636517&sct=1&seg=0&dl=https%3A%2F%2Fwww.nexi.de%2Fde%2Fonline-handel%2Fecommerce&dt=Seite%20konnte%20nicht%20gefunden%20werden%20%7C%20Nexi&en=custom_error&_fv=1&_nsi=1&_ss=1&ep.container_id=GTM-M7T2WFJ&ep.container_version=70&ep.connection_speed=4g&epn.is_internal_traffic=0&epn.device_pixel_ratio=1&ep.content_language=DE&epn.js_timestamp=1735636517824&ep.error_message=&ep.error_code=404&ep.error_type=generic&ep.error_description=404%20-%20not%20found%20event&ep.is_fatal=false&tfd=1124
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZC6C4GYW78&l=dataLayer&cx=c&gtm=45He4cc1v9105342857za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.nexi.de
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 09:15:17 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZC6C4GYW78&gtm=45je4cc1v9119449089z89105342857za200zb9105342857&_p=1735636517195&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dMTc4Zm&ir=0&tt=external&cid=66728903.1735636518&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=2&sid=1735636517&sct=1&seg=0&dl=https%3A%2F%2Fwww.nexi.de%2Fde%2Fonline-handel%2Fecommerce&dt=Seite%20konnte%20nicht%20gefunden%20werden%20%7C%20Nexi&en=custom_error&ep.container_id=GTM-M7T2WFJ&ep.container_version=70&ep.connection_speed=4g&epn.is_internal_traffic=0&epn.device_pixel_ratio=1&ep.content_language=DE&epn.js_timestamp=1735636517440&ep.error_message=&ep.error_code=404&ep.error_type=generic&ep.error_description=404%20-%20not%20found%20event&ep.trigger_type=genericError&_et=1&tfd=1141
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZC6C4GYW78&l=dataLayer&cx=c&gtm=45He4cc1v9105342857za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.nexi.de
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 09:15:17 GMT
content-type
text/plain
server
Golfe2
favicon.png
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc/resources/favicons/
0
815 B
Other
General
Full URL
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc/resources/favicons/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/de/online-handel/ecommerce

Response headers

Content-Security-Policy
frame-ancestors 'self'
Connection
keep-alive
X-Content-Type-Options
nosniff
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Date
Tue, 31 Dec 2024 09:15:17 GMT
Content-Type
image/png
Vary
Origin
X-Frame-Options
SAMEORIGIN
wildcards.json
cdn.acsbapp.com/cache/app/
258 B
612 B
Fetch
General
Full URL
https://cdn.acsbapp.com/cache/app/wildcards.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276f118caa2d596ef5470e089dc7e035162859dd3bce763b8bfa564ef0b9bb4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=jyDm/Q==, md5=fqCOR673nqSbjdu+sHMZxA==
cf-cache-status
HIT
etag
W/"7ea08e47aef79ea49b8ddbbeb07319c4"
age
45
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Wed, 31 Dec 2025 09:14:32 GMT
x-goog-stored-content-length
258
date
Tue, 31 Dec 2024 09:15:17 GMT
content-type
application/json
last-modified
Thu, 26 Dec 2024 00:00:03 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7g3G0tCD9sjw9FzhpTRsRgV-NWkldZHdudODL3JDT4BZa4RV0JMSBJzJIw0-aw-rS4
cache-control
no-cache
x-goog-storage-class
STANDARD
cf-ray
8fa92a0cac134d3d-FRA
access-control-allow-origin
*
x-goog-generation
1735171203027547
server
cloudflare
favicon.ico
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc/resources/favicons/
0
830 B
Other
General
Full URL
https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc/resources/favicons/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (Nexi-as Nexi Payments S.P.A., IT),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.nexi.de/de/online-handel/ecommerce

Response headers

Content-Security-Policy
frame-ancestors 'self'
Connection
keep-alive
X-Content-Type-Options
nosniff
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Date
Tue, 31 Dec 2024 09:15:17 GMT
Content-Type
image/vnd.microsoft.icon
Vary
Origin
X-Frame-Options
SAMEORIGIN

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| dataLayer
object| nexinew
function| track404
function| $
function| jQuery
object| didomiRemoteConfig
string| didomiCountry
object| didomiGeoRegulations
object| webpackChunkDidomi
object| Didomi
object| didomiOnReady
object| didomiEventListeners
object| googletag
object| adsbygoogle
object| DidomiSanitizing
object| didomiState
object| google_tag_manager
object| google_tag_data
object| uetq
function| onYouTubeIframeAPIReady
object| webpackChunkui_frontend
object| deviceBreakpoints
function| pure_Promise
object| pure_JSON
object| pure_CSS
function| pure_URL
function| pure_fetch
function| pure_Set
function| pure_Map
function| pure_DOMParser
object| webpackChunkwidget
object| AJS
object| acsbJS
object| AccessiBe
object| acsb
object| gaGlobal
function| pure_addEventListener
function| pure_removeEventListener

4 Cookies

Domain/Path Name / Value
.checkout.nexi.de/ Name: __cf_bm
Value: CG5K881yhb2y.cSeJz2c4JkRHxBHHzYia2R5IJtwskM-1735636516-1.0.1.1-JZBXDeIVZ9DuhA5nWOjUhU_hYe0xLmpX6MWf6t.vJc__wjtNf5Ou3xgp5s34IkxDCbP9kdIa7SwIWr9RkZ.XEA
.checkout.nexi.de/ Name: _cfuvid
Value: A4ZJq9uo_x87389nXJ0q1SjQ1DvYeOspHTAjcX84p_M-1735636516817-0.0.1.1-604800000
www.nexi.de/ Name: TS0168694d
Value: 01d37309fc0470c1bb2b580d9acf6d5e064044197bb6dd4aa6c675e1c7fc0079cfea1fe6ac9bccf625836ff9fdf029ae8c3b85a8e5
.nexi.de/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTk0MWJmZjgtMjFiYS02YWZjLTkzM2ItNTBhN2UwMjU0ZWMxIiwiY3JlYXRlZCI6IjIwMjQtMTItMzFUMDk6MTU6MTcuNDAzWiIsInVwZGF0ZWQiOiIyMDI0LTEyLTMxVDA5OjE1OjE3LjQwM1oiLCJ2ZXJzaW9uIjpudWxsfQ==

4 Console Messages

Source Level URL
Text
network error URL: https://www.nexi.de/de/online-handel/ecommerce
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cdn.acsbapp.com/config/nexi.de/config.json?page=%2Fde%2Fonline-handel%2Fecommerce
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc/resources/favicons/favicon.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.lc-1731514382214-lc/resources/favicons/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
