185.198.117.126  Malicious Activity! Public Scan

URL: https://185.198.117.126/it
Submission: On November 09 via automatic, source openphish — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 40 HTTP transactions. The main IP is 185.198.117.126, located in Italy and belongs to NEXI-AS, IT. The main domain is 185.198.117.126.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on August 4th 2023. Valid for: a year.
This is the only time 185.198.117.126 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking)

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
5 | mypurecloud.com | apps.mypurecloud.com (Cisco Umbrella Rank: 9270) | 189 KB
5 | gstatic.com | www.gstatic.com, fonts.gstatic.com | 418 KB
2 | privacy-center.org | sdk.privacy-center.org (Cisco Umbrella Rank: 6418) | 87 KB
2 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 3 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 35) | 195 KB
1 | mypurecloud.ie | apps.mypurecloud.ie (Cisco Umbrella Rank: 94609) | 7 KB
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2462) | 254 B
1 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 97) | 455 B
1 | acsbapp.com | acsbapp.com (Cisco Umbrella Rank: 4007) | 87 KB
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 364) | 31 KB
1 | evgnet.com | cdn.evgnet.com (Cisco Umbrella Rank: 3780) | 41 KB
Total: 40 requests, 11 domains
Requests | Domain | Requested by
5 | apps.mypurecloud.com | apps.mypurecloud.ie
4 | www.gstatic.com | www.google.com, www.gstatic.com
2 | sdk.privacy-center.org | 185.198.117.126, sdk.privacy-center.org
2 | www.google.com | 185.198.117.126, www.gstatic.com
2 | www.googletagmanager.com | 185.198.117.126, www.googletagmanager.com
1 | apps.mypurecloud.ie | 185.198.117.126
1 | region1.google-analytics.com | www.googletagmanager.com
1 | fonts.gstatic.com | www.google.com
1 | pagead2.googlesyndication.com | www.googletagmanager.com
1 | acsbapp.com | 185.198.117.126
1 | ajax.googleapis.com | 185.198.117.126
1 | cdn.evgnet.com | 185.198.117.126
Total: 40 requests, 12 subdomains

This site contains links to these domains.

Domain
ecommerce.nexi.it
www.nexi.it
it-it.facebook.com
www.youtube.com
twitter.com
it.linkedin.com
Subject | Issuer | Validity | Valid
www.nexi.it | GlobalSign RSA OV SSL CA 2018 | 2023-08-04 - 2024-08-21 | a year
cdn.evergage.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-06 - 2024-03-04 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
www.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.privacy-center.org | Amazon RSA 2048 M02 | 2023-03-25 - 2024-04-22 | a year
acsbapp.com | GTS CA 1P5 | 2023-10-28 - 2024-01-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
mypurecloud.ie | Amazon RSA 2048 M01 | 2023-08-20 - 2024-09-16 | a year
mypurecloud.com | Amazon RSA 2048 M03 | 2023-08-19 - 2024-09-15 | a year

This page contains 2 frames:

Primary Page: https://185.198.117.126/it
Frame ID: A22768AC435547F618955F41C5CBBABE
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=d0nih235235l
Frame ID: 56253FA9B783DAD5A9D82BE4531E2DA1
Requests: 5 HTTP requests in this frame

Page Title

Nexi, l’innovazione dei pagamenti digitali in Italia

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • apps\.mypurecloud\.\w+/widgets/([\d.]+)
  • apps\.mypurecloud\.\w+

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 40
HTTPS: 55 %
IPv6: 69 %
Domains: 11
Subdomains: 12
IPs: 14
Countries: 4
Transfer: 2627 kB
Size: 5123 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request it
185.198.117.126/
121 KB
29 KB
Document
General
Full URL
https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
36fc471f184f437b71be54a4638ea5c2cba4efbb4052960c4e6cba28baa736dc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET, HEAD
Connection
Keep-Alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Nov 2023 01:11:16 GMT
ETag
"1e58e-609adcd8b42ec"
Keep-Alive
timeout=5, max=95
Last-Modified
Thu, 09 Nov 2023 01:05:42 GMT
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
evergage.min.js
cdn.evgnet.com/beacon/nexipayments/engage/scripts/
142 KB
41 KB
Script
General
Full URL
https://cdn.evgnet.com/beacon/nexipayments/engage/scripts/evergage.min.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03c5709062dc9c301693a8af2f51051a491290f9f3c74a6f9ed20f72a9ecffbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
uoYwtAuTSKXBl459Eaa6v9QP.0NwjVls
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 09 Nov 2023 01:11:17 GMT
x-amz-request-id
0AASFWFFYDPVCR27
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-replication-status
COMPLETED
content-length
41705
x-amz-id-2
tkZJRKAKW1H9eZdGqC6s8ogElbF+fVi5NEhH80d1EPGO0Iw/cRxsFAAMbj17L5Nz7t63thxy0PY=
x-served-by
cache-iad-kcgs7200109-IAD, cache-cph2320039-CPH
x-amz-meta-evergage-sum
668c27d7de5bdbfb6f150fec8b8f0ceb525fa996
last-modified
Wed, 04 Oct 2023 01:07:18 GMT
server
AmazonS3
x-timer
S1699492277.118456,VS0,VE103
etag
"3010a1dd0fb589a39959d39ad91dbe46"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-evergage-beacon-ver
16
x-cache-hits
12984, 1
clientlib-site.css
185.198.117.126/etc.clientlibs/nexinew/clientlibs/
285 KB
79 KB
Stylesheet
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
d86ec2a944464d4150d40a139261c2e2c25b230ae43dfaaf70f49e22b252a54d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:17 GMT
Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 14:14:19 GMT
ETag
"47587-608efa76e27f8"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=62
clientlib-chatbot.css
185.198.117.126/etc.clientlibs/nexinew/clientlibs/
154 KB
40 KB
Stylesheet
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot.css
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
7e8acc5f09a6c0b4c00255f30912ab370a6fadc35300404134df3093423a4022
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:17 GMT
Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 14:14:20 GMT
ETag
"2671b-608efa77c7038"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:01:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Nov 2024 21:01:36 GMT
nexi-logo-white.svg
185.198.117.126/content/dam/nexinew/icone/
2 KB
3 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/icone/nexi-logo-white.svg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:17 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 06 Nov 2023 14:49:27 GMT
ETag
"72c-6097cf5f0d62d"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/svg+xml
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1836
nexi-logo-dark.svg
185.198.117.126/content/dam/nexinew/icone/
2 KB
3 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/icone/nexi-logo-dark.svg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:17 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 06 Nov 2023 14:49:26 GMT
ETag
"8fa-6097cf5eb5046"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/svg+xml
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=61
gtm.js
www.googletagmanager.com/
368 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9826a1f68934959d0620ae63d72fc78be3967c8a8b77e432cb00df2c62b7ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:11:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109034
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:32:04 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 01:11:17 GMT
hero-homepage-softPOS-d.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
124 KB
125 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/hero-homepage-softPOS-d.webp
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
549b311eefd2b2b223406c9dc24bb05bbef70069a9e37e2de12dfb0900bb7d8b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:17 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 06 Nov 2023 14:49:46 GMT
ETag
"1ef1e-6097cf71689ac"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
126750
ico-help.svg
185.198.117.126/content/dam/nexinew/icone/
9 KB
10 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/icone/ico-help.svg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
ec38a7e65969ef0b1b4e200c9da6432906fd95aca5813ad64b71c0ade5c97eea
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:17 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 06 Nov 2023 14:49:35 GMT
ETag
"253a-6097cf6718154"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/svg+xml
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=60
clientlib-site.js
185.198.117.126/etc.clientlibs/nexinew/clientlibs/
838 KB
839 KB
Script
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
56ac942979d04a52ea5050844008158594c1538eaaf42b227fac43efb9069242
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:17 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 30 Oct 2023 14:14:20 GMT
ETag
"d193b-608efa78161d8"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
858427
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f736d18a240ae0c20465a937c6a0f60ba59976d7fd1ad8146031c081dae75a71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 09 Nov 2023 01:11:17 GMT
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
loader.js
sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/
1 KB
986 B
Script
General
Full URL
https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=185.198.117.126
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:200:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
54d18613d2ee6260011abf54428f9c890f2a3f10d3bb7809fa3e072f8bd3dd6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:11:17 GMT
content-encoding
gzip
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-didomi-remote-config-source
Lambda
server
CloudFront
x-amz-cf-pop
FRA60-P3
etag
"2b15e8b68bc0be9294860d1c2a1072dc"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=60, public
content-length
625
x-amz-cf-id
g7heFOyk0UYzaezqBvlC2JHL8yz5KE6FMkZq2tWKKixkGRYpvDvv-Q==
app.js
acsbapp.com/apps/app/dist/js/
284 KB
87 KB
Script
General
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37b6236de2228f948d96e8ea8b9cb4918e5e6ef41ac98dc101c35a7cc829bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:11:17 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPqPHQFnHzPHlA1KH07aTq2DWBqxHWVX107NEcNF9MAnD7JTbw_AjsitlW_i0yD26V0-mIDI3LS8Gub05kIJG6stlQ
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Wed, 01 Nov 2023 15:10:10 GMT
server
cloudflare
etag
W/"97bfff7aea1cd7e888867c79c9a6c4bf"
vary
Accept-Encoding
x-goog-generation
1698851410058067
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=rGYJ/g==, md5=l7//euoc1+iIhnx5yabEvw==
access-control-expose-headers
*
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
291098
cf-ray
82322e4e987890f4-FRA
expires
Fri, 08 Nov 2024 01:11:17 GMT
KarbonAppMedium.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/
39 KB
40 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonAppMedium.woff2
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:17 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 30 Oct 2023 14:14:24 GMT
ETag
"9a74-608efa7ba78ba"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
font/woff2
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=59
nexinew.ttf
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/
19 KB
20 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/nexinew.ttf
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
624e6aea92d5b0aeb5aef3f027176488ee3b0cbb561a4666050d43f089775d7d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:17 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 30 Oct 2023 14:14:22 GMT
ETag
"4ddc-608efa79dec23"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/font-sfnt
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
19932
KarbonApp.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/
40 KB
40 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonApp.woff2
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:17 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 30 Oct 2023 14:14:21 GMT
ETag
"9e2c-608efa793d48e"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
font/woff2
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
40492
KarbonAppSemibold.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/
39 KB
40 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonAppSemibold.woff2
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:17 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 30 Oct 2023 14:14:24 GMT
ETag
"9b3c-608efa7bbbcf2"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
font/woff2
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=58
js
www.googletagmanager.com/gtag/
262 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2EQBRC1CMY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d5fab0de102607fd31bf4615488f710737bce2ed7a6a3c3bad89604ca384254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:11:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89958
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 Nov 2023 01:11:17 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/
470 KB
189 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://185.198.117.126/
Origin
https://185.198.117.126
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:01:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192495
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 21:01:51 GMT
sdk.a07d2e5a02351d5fe385aed1b1477780304e5eac.js
sdk.privacy-center.org/sdk/a07d2e5a02351d5fe385aed1b1477780304e5eac/modern/
336 KB
86 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/a07d2e5a02351d5fe385aed1b1477780304e5eac/modern/sdk.a07d2e5a02351d5fe385aed1b1477780304e5eac.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=185.198.117.126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:200:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c56a323524db119eb8bab18eb3f720cf9abe4932f4de18eaa4945c18f2c1c518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 13:41:08 GMT
content-encoding
gzip
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
last-modified
Wed, 08 Nov 2023 13:40:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
41410
etag
W/"c87829d8370346ad5729c80371600834-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
13ei9xQs_GFjnUy4zQivHFbAXii6mEbw0M9Do3ZgyqLU3VH93co22A==
anchor
www.google.com/recaptcha/api2/ Frame 5625
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=d0nih235235l
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
efcd566d5014a572ce297734b78799fee6d2d929cb6abb3d71d83a4251a98165
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2Ci3t2OM0szMXl-z2p1HXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://185.198.117.126/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2Ci3t2OM0szMXl-z2p1HXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 01:11:17 GMT
expires
Thu, 09 Nov 2023 01:11:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
landing
pagead2.googlesyndication.com/pagead/
42 B
455 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=11q1t1l1l5&rnd=422498811.1699492278&url=https%3A%2F%2F185.198.117.126%2Fit&dma_cps=sypham&dma=1&gtm=45He3b60n81MVCHKSDv841327514
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 01:11:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 5625
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=d0nih235235l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 21:51:25 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 5625
470 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=d0nih235235l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:01:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192495
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 21:01:51 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5625
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 00:18:29 GMT
x-content-type-options
nosniff
age
521569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 10 Nov 2023 00:18:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5625
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=d0nih235235l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 02:58:03 GMT
x-content-type-options
nosniff
age
425595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Nov 2024 02:58:03 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2EQBRC1CMY&gtm=45je3b60v876108219z8841327514&_p=1699492277016&gcs=G101&gcd=11q1t1l1l5&dma_cps=sypham&dma=1&tt=external&ir=0&cid=1998596615.1699492278&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=%2Fit&sid=1699492277&sct=1&seg=0&dl=https%3A%2F%2F185.198.117.126%2Fit&en=page_view&_fv=1&_nsi=1&_ss=1&epn.is_internal_traffic=0&epn.device_pixel_ratio=1&ep.navigation_type=navigate&ep.new_tab=new&epn.redirect_count=0&epn.tab_count=1&ep.tab_id=9cbb0ebd-56ae-46c6-a6f3-9aa34a70ffd4&ep.container_id=GTM-MVCHKSD&epn.is_nb_customer=0&ep.connection_speed=4g&epn.cookies_bytes=185&epn.from_virtual_agent=0&epn.cookie_didomi_ready=0&ep.container_version=209&tfd=1387
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2EQBRC1CMY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 01:11:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://185.198.117.126
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cxbus.min.js
apps.mypurecloud.ie/widgets/
20 KB
7 KB
Script
General
Full URL
https://apps.mypurecloud.ie/widgets/cxbus.min.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.88.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-88-247.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c6effbed30ae0b7219fd6e4a1b6a55755673ef6ee43ce88ad8c9154e51418c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:11:18 GMT
content-encoding
gzip
x-amz-version-id
JjdF.iulD_iEtT.bUb23TXWz1m5Y2dSm
last-modified
Mon, 26 Jun 2023 11:23:03 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
BZPCC6E727G26Y6C
etag
"15e290c6392b7f9f12f9d72ed3a6506a"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
6977
x-amz-id-2
vWuySrkHh8kuBoqXydJj5Om8eDvQMzngsIdShTfuB4qnbytrhRS4bqBz3NsVtmhmqkBx0C+omis=
it.help.json
185.198.117.126/content/nexinew/
2 KB
3 KB
XHR
General
Full URL
https://185.198.117.126/content/nexinew/it.help.json
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
98366494099531830eeb14c92bc8ac1c439dd4fcdeb4d29d037c3711a52e7b65
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:18 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 09 Nov 2023 01:07:14 GMT
ETag
"9d7-609add30095be"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/json
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
2519
box-homepage-xpay-t2.jpg
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
50 KB
52 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/box-homepage-xpay-t2.jpg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
c17f878ae793a40897602eb19a492ecdf452cbf9cfe287cb332705bda5322167
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:18 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 06 Nov 2023 14:49:48 GMT
ETag
"c98e-6097cf7358b55"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/jpeg
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
box-micropagamenti-homepage-t.jpg
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
115 KB
117 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/box-micropagamenti-homepage-t.jpg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
a82b5532e47a5ee41f5300a9870e0c058c76bdd98a7c343d3c307a5afb60a47d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:18 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 06 Nov 2023 14:49:37 GMT
ETag
"1cc6b-6097cf691a265"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/jpeg
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=56
box-homepage-mini-t.jpg
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
98 KB
99 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/box-homepage-mini-t.jpg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
caee837fd54982b27358c60b5430229ab220a73ab4f16e49aa83a38b8cf0f074
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:18 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 06 Nov 2023 14:49:47 GMT
ETag
"18981-6097cf72e2263"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/jpeg
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
100737
chat.conf.js
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/
6 KB
7 KB
Script
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/chat.conf.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
b081593308bfd41d87922bc15de84aba4e5c21d8f42bd8593339edb6c6b03cd0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:18 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 30 Oct 2023 14:14:21 GMT
ETag
"19fe-608efa786d086"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
6654
widgets-core.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
374 KB
113 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/widgets-core.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.156.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-156-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
277d580f0cd80ebd1c02fd14e1112aee45d6c3f1deb38dbfd0e8bef970f56c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:11:19 GMT
content-encoding
gzip
x-amz-version-id
sNSaqInlZw24bK6kxbMy6zRCGNOYx6Jg
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
KGHSHKB1CPVH66ZX
etag
"c628f4a51576c80a45e13461dd41bb65"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
115520
x-amz-id-2
a23qdwsw3P/cSA5Op/ecTLxHKosQNdaFq0sC64sIhZqoAeyyeSrcpMC5eaIe4MNpIsoRQXS+AIQ=
widgets-it.i18n.json
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/
21 KB
22 KB
XHR
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/widgets-it.i18n.json
Requested by
Host: apps.mypurecloud.com
URL: https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/widgets-core.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software
/
Resource Hash
e8233a285da75fd3395105c83b8342cd828fdbf4f9ea741300e3927cdf0c0c35
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://185.198.117.126/it
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 01:11:19 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 30 Oct 2023 14:14:22 GMT
ETag
"5474-608efa79846d3"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/json
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
21620
webchat.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
120 KB
33 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchat.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.156.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-156-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7868fcedcf56c4b7b929da3bb3738c2476aaa349498103b7ac308c3724f2efb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:11:20 GMT
content-encoding
gzip
x-amz-version-id
I8r9IWjlAwme6kGXcvwZtThDXcvWYQhV
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
XBXXD41WDSDPXCN2
etag
"48cbcd6f99f8f2301f9835cd67756e27"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
32958
x-amz-id-2
zRfyNGEgQy0snV2ZN97Kkr1WTcDOdJdM4XfqkKNDWnAZUR9SI/bfle8Oi8zNQnR1Hst/EhEKeR8=
richmediabridge.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
77 KB
22 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/richmediabridge.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.156.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-156-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9f0f857a31f056484b7a7a6486f84a2b8bc7fd551e825e968d2527f1bd28677c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:11:20 GMT
content-encoding
gzip
x-amz-version-id
IMIicDamFGxbMPKPpl8uycurEy7omy_h
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
XBXTATEXQ6CZ69AS
etag
"9b37619d557157ff17bf07ccbbdd37ee"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
22301
x-amz-id-2
yHfxVB2kJDdsMZgeHuhxMXJXm8jhwv7SKm8BDRPAifI1viebvXdREIFV7qh7tai8JauDQw3XLAY=
webchatservice.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
649 B
1014 B
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchatservice.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.156.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-156-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f088650e838facc2134a418e8b0a1f1e4ec30a593ab24c56d91a7281ff7df1c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:11:20 GMT
x-amz-version-id
jJfv2IEwbzrhl82XxQczlICOAZExJG96
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
x-amz-request-id
XBXN3EG80NRCB089
etag
"4877fdb51b5ae81b286e1b6e2fde69ff"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
649
x-amz-id-2
XgTsurxLrFrM7h9Itrtq2IcZRO4FN0yzxyYPly8zzqBk/qdTZHvXhB4epKqnIWPKq4Itzwqx6hM=
webchatservicelegacy.mod.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
63 KB
19 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchatservicelegacy.mod.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.156.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-156-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d05b19db324ae8ce48fdda064c33ba463f3bcdd20117552b4e9a019e89fdd63d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:11:20 GMT
content-encoding
gzip
x-amz-version-id
Bb4kSLxGmNMKUSTFexpQJZT8immlY.DW
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
XBXTW5QMS5ATNA71
etag
"0984a5d27e9f5a159c17e72ccbe996a0"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
19515
x-amz-id-2
T4+ltnyWXlVvzqjMZA5hDdT6B3UD4gGDYd1mRlV00zd/KDZra5QWAbK1VRC0XhE5sT9JCbNzxco=

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking)

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| dataLayer object| nexinew object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render function| $ function| jQuery boolean| gdprAppliesGlobally object| chatUtilities object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| didomiEventListeners object| didomiOnReady object| nodeList function| onYouTubeIframeAPIReady object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| didomiCountry object| didomiRegion object| didomiGeoRegulations object| webpackChunkaccess_widget object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| AJS object| acsbJS object| AccessiBe object| acsb object| webpackChunkDidomi object| Didomi object| recaptcha object| closure_lm_726618 function| __tcfapi object| DidomiSanitizing object| didomiState object| gaGlobal object| regeneratorRuntime object| picturefillCFG function| picturefill function| clearImmediate function| setImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| thePicker object| deviceBreakpoints function| webpackHotUpdate object| CXBus object| _genesys object| _gt function| widgetsJsonpFunction function| pure_addEventListener function| pure_removeEventListener

5 Cookies

Domain/Path Name / Value
185.198.117.126/ Name: TS0168694d
Value: 01d37309fcc15f383d72644a2ddec11be9d9ce919c4f44d339eab44a5df87cba5febc994be3ebdd35616791a645553e68f6cea0f7e
185.198.117.126/ Name: _sfid_f19e
Value: {%22anonymousId%22:%22068960bccc5032e9%22}
185.198.117.126/ Name: _evga_bdf8
Value: {%22uuid%22:%22068960bccc5032e9%22}
185.198.117.126/ Name: _ga
Value: GA1.1.1998596615.1699492278
185.198.117.126/ Name: _ga_2EQBRC1CMY
Value: GS1.1.1699492277.1.0.1699492279.0.0.0

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
