www.nexi.de Open in urlscan Pro
185.198.118.126 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://concardis.com/
Effective URL:
https://www.nexi.de/de
Submission: On May 23 via api (May 23rd 2024, 12:41:46 am UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 44 HTTP transactions. The main IP is 185.198.118.126, located in Italy and belongs to NEXI-AS, IT. The main domain is www.nexi.de.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on May 15th 2023. Valid for: a year.

This is the only time www.nexi.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 2	217.31.84.121 217.31.84.121	29140 (HOSTSERVE...) (HOSTSERVER-AS Hostserver GmbH)
1 25	185.198.118.126 185.198.118.126	35051 (NEXI-AS) (NEXI-AS)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
2	2600:9000:26e... 2600:9000:26e8:6200:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	3.161.82.117 3.161.82.117	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
44	13

2 217.31.84.121 (Germany) 2 redirects

ASN29140 (HOSTSERVER-AS Hostserver GmbH, DE)
PTR: concardis-web3-ng.adns.de

concardis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.concardis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 185.198.118.126 (Italy) 1 redirects

ASN35051 (NEXI-AS, IT)

nexi.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nexi.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26e8:6200:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-117.fra56.r.cloudfront.net

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:b9b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accesswidget-log-receiver.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	nexi.de 1 redirects nexi.de www.nexi.de	3 MB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	532 KB
4	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3932 cdn.acsbapp.com — Cisco Umbrella Rank: 4124 accesswidget-log-receiver.acsbapp.com — Cisco Umbrella Rank: 41248	95 KB
3	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 ade.googlesyndication.com — Cisco Umbrella Rank: 317	940 B
3	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 4501	162 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	973 B
2	concardis.com 2 redirects concardis.com www.concardis.com	707 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	252 B
1	gstatic.com www.gstatic.com	207 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 380	31 KB
44	10

	Domain	Requested by
24	www.nexi.de	www.nexi.de
6	www.googletagmanager.com	www.nexi.de www.googletagmanager.com
3	sdk.privacy-center.org	www.nexi.de sdk.privacy-center.org
2	ade.googlesyndication.com	1 redirects www.nexi.de
2	acsbapp.com	www.nexi.de acsbapp.com
2	www.google.com	www.nexi.de www.gstatic.com
1	accesswidget-log-receiver.acsbapp.com	acsbapp.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.acsbapp.com	acsbapp.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	ajax.googleapis.com	www.nexi.de
1	nexi.de	1 redirects
1	www.concardis.com	1 redirects
1	concardis.com	1 redirects
44	15

This site contains links to these domains. Also see Links.

Domain
accessibe.com
apps.apple.com
play.google.com
www.nexigroup.com
lp.nexi.de
nexigroup.whistleblowernetwork.net
www.facebook.com
www.youtube.com
twitter.com
www.linkedin.com
www.xing.com

Subject Issuer	Validity	Valid
www.nexi.de GlobalSign RSA OV SSL CA 2018	`2023-05-15` - `2024-06-15`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.privacy-center.org Amazon RSA 2048 M03	`2024-03-10` - `2025-04-07`	a year	crt.sh
acsbapp.com GTS CA 1P5	`2024-04-22` - `2024-07-21`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.nexi.de/de
Frame ID: 3A60141B1DD514E89137C1F1E7E39F9C
Requests: 44 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly93d3cubmV4aS5kZTo0NDM.&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=d306in1a802g
Frame ID: 58067AB074EDB69E6D580C3C96982E6F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kartenzahlung annehmen - Bargeldloses Bezahlen ganz einfach.

Page URL History Show full URLs

http://concardis.com/ HTTP 307
https://concardis.com/ HTTP 301
https://www.concardis.com/ HTTP 301
https://nexi.de/de HTTP 301
https://www.nexi.de/de Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

44
Requests

98 %
HTTPS

54 %
IPv6

10
Domains

15
Subdomains

13
IPs

3
Countries

3713 kB
Transfer

6146 kB
Size

2
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Leitfaden für barrierefreie Bildschirmlesegeräte, Feedback und Fehlerberichte

Search URL Search Domain Scan URL

URL: https://apps.apple.com/de/app/mypayments-app/id1294739137
Title: Download App Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=eu.nets.mypayments&gl=DE
Title: Google Play

Search URL Search Domain Scan URL

URL: https://www.nexigroup.com/de/people/careers/job-openings/
Title: KARRIERE

Search URL Search Domain Scan URL

URL: https://lp.nexi.de/darstellung-der-waehrungskurse
Title: WÄHRUNGSUMRECHNER

Search URL Search Domain Scan URL

URL: https://nexigroup.whistleblowernetwork.net/frontpage
Title: Hinweisgebersystem

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nexigermany

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCJ9y8d69JxduRmnUtTrotbg

Search URL Search Domain Scan URL

URL: https://twitter.com/nexigermany

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/nexi-germany/

Search URL Search Domain Scan URL

URL: https://www.xing.com/pages/nexi-germany-gmbh

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://concardis.com/ HTTP 307
https://concardis.com/ HTTP 301
https://www.concardis.com/ HTTP 301
https://nexi.de/de HTTP 301
https://www.nexi.de/de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://ade.googlesyndication.com/ddm/activity/src=10302488;type=count0;cat=fl-co0;ord=1;num=2190814090823;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45m0h2v9181784027z89105342857za201zb9105342857;gcs=G100;gcd=13p3pPp2p5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.nexi.de%2Fde HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10302488;dc_pre=CNafkoPFooYDFb0OogMdT-IINQ;type=count0;cat=fl-co0;ord=1;num=2190814090823;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45m0h2v9181784027z89105342857za201zb9105342857;gcs=G100;gcd=13p3pPp2p5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.nexi.de%2Fde

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request de Show response
www.nexi.de/
Redirect Chain

http://concardis.com/
https://concardis.com/
https://www.concardis.com/
https://nexi.de/de
https://www.nexi.de/de

184 KB
42 KB

657ms
125ms

Document
text/html

185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

28da7d310ed7a61a72e4ac1b2007b9e70a7d57e746b225af447257f202fbb697

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Thu, 23 May 2024 00:41:35 GMT
ETag: "2ddc4-619122f1dc02e"
Last-Modified: Wed, 22 May 2024 22:09:10 GMT
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding: chunked
Vary: Accept-Encoding,Origin
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Location: https://www.nexi.de/de
Server: BigIP

GET
H/1.1 200
OK clientlib-site.min.css
www.nexi.de/etc.clientlibs/nexinew/clientlibs/ 289 KB
79 KB 979ms
859ms Stylesheet
text/css 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

a463d7ba0746379c5637c7bde2b988eb8966123424ee92c01081652ebaeb45f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:35 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
Last-Modified: Tue, 23 Apr 2024 21:21:55 GMT
ETag: "482bc-616ca24b69770"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Origin
Content-Type: text/css
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 196ms
101ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 14:15:05 GMT

GET
H/1.1 200
OK nexi-logo-white.svg
www.nexi.de/content/dam/nexinew/icone/ 2 KB
3 KB 1468ms
1347ms Image
image/svg+xml 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexinew/icone/nexi-logo-white.svg

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:35 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:17:54 GMT
ETag: "72c-616ca1658926f"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Origin
Content-Type: image/svg+xml
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1836

GET
H/1.1 200
OK nexi-logo-dark.svg
www.nexi.de/content/dam/nexinew/icone/ 2 KB
3 KB 1478ms
1350ms Image
image/svg+xml 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexinew/icone/nexi-logo-dark.svg

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:35 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:18:15 GMT
ETag: "8fa-616ca1797d254"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Origin
Content-Type: image/svg+xml
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 350 KB
110 KB 486ms
72ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2499da38e44e9fd4d3b7cf3ce2300ddf2cee7d6556693c1abf1a7f18f6214dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:41:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112465
x-xss-protection: 0
last-modified: Thu, 23 May 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 00:41:37 GMT

GET
H/1.1 200
OK Angebot_0EUR-Terminalmiete.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/ 68 KB
69 KB 95ms
93ms Image
image/webp 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/Angebot_0EUR-Terminalmiete.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

1e520757436f2a4a74e17083fc9b565edbde01b7ce2ac08d6355ae8e0cf2e17f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:19:54 GMT
ETag: "10ed0-616ca1d845a93"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69328

GET
H/1.1 200
OK eCom_Home.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/ 66 KB
67 KB 178ms
175ms Image
image/webp 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/eCom_Home.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

68844220938760928ab8c74d8f7dc64d398167ad47455bb0be5895b56beae3ff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:22:54 GMT
ETag: "10978-616ca283e894b"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67960

GET
H/1.1 200
OK MyPaymentsApp.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/ 28 KB
28 KB 170ms
163ms Image
image/webp 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/herobanner/MyPaymentsApp.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

dbc19c319db65c1a8c3556c7f115338d3e40794e8bd06928ddaefe45f80f86e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:20:07 GMT
ETag: "6e14-616ca1e4bd4d3"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK apple_AppStore.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/mypaymentsapp/ 2 KB
3 KB 333ms
86ms Image
image/webp 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/mypaymentsapp/apple_AppStore.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

f0208b5ec10ee5ae4b97615ac8ee6d69d0fdc04616df544194731bce4db3dbb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:37 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:35:06 GMT
ETag: "88e-616ca53deae8c"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK google-play-badge.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/mypaymentsapp/ 3 KB
3 KB 407ms
110ms Image
image/webp 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/mypaymentsapp/google-play-badge.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

ee493db8f1bdaedc48fd9bb5b4d52cccb023d296f0ad9956227d1e51e926e26f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:37 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:20:02 GMT
ETag: "a88-616ca1df7ff85"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2696

GET
H/1.1 200
OK Blog_Kopie-eines-Kassenschnitts-drucken.webp
www.nexi.de/content/dam/nexiat/img/blog/ 34 KB
35 KB 91ms
91ms Image
image/webp 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexiat/img/blog/Blog_Kopie-eines-Kassenschnitts-drucken.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

ffa0d73df7be6de65c415956a96727b4f6b4bd6bc176c25d9fb2a5fb3458f5ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:37 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:21:10 GMT
ETag: "89d6-616ca220957cb"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35286

GET
H/1.1 200
OK Ganz-entspannt.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/blog/webp/ 958 KB
959 KB 179ms
179ms Image
image/webp 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/blog/webp/Ganz-entspannt.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

f80a687af1632efb2cf19618deadf28d35c5923ba966aff098232210d40ca5cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:37 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:21:55 GMT
ETag: "ef84c-616ca24bb35e2"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 981068

GET
H/1.1 200
OK Blog_E-Commercer-Report-2022.jpg
www.nexi.de/content/dam/nexide/img/nexi-de-test/blog/ 97 KB
98 KB 86ms
85ms Image
image/jpeg 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/blog/Blog_E-Commercer-Report-2022.jpg

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

020f3c7edd3e41a404743a62b1c130484d4b687e08f7d4c813f1b6e222740071

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:37 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:19:54 GMT
ETag: "18264-616ca1d863001"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/jpeg
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK clientlib-site.min.js Show response
www.nexi.de/etc.clientlibs/nexinew/clientlibs/ 838 KB
839 KB 102ms
102ms Script
application/javascript 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.js

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

56ac942979d04a52ea5050844008158594c1538eaaf42b227fac43efb9069242

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:37 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:16:40 GMT
ETag: "d193b-616ca11ee825a"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Origin
Content-Type: application/javascript
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 858427

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
973 B 468ms
55ms Script
text/javascript 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

7e5006fbc7ec4e982dfefe230e49021bdaa817265abc0960642371733259ee82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 23 May 2024 00:41:37 GMT

GET
H/1.1 200
OK 1 Show response
www.nexi.de/g78f9/in/935ef7e4b517e683e7fcb8899309191e/2/ 0
832 B 92ms
74ms Script
text/plain 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexi.de/g78f9/in/935ef7e4b517e683e7fcb8899309191e/2/1?t=1716424825
Requested by: Host: www.nexi.de
URL: https://www.nexi.de/de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 23 May 2024 00:41:36 GMT
Cache-Control: no-cache, no-store, proxy-revalidate, no-transform, must-revalidate
Content-Length: 0
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 loader.js Show response
sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/ 55 KB
20 KB 460ms
50ms Script
application/javascript 2600:9000:26e8:6200:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=www.nexi.de
Requested by: Host: www.nexi.de
URL: https://www.nexi.de/de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:6200:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f4f98335eea86d39da6de2a0913ffdbf50ce1288427f9780731e6bd53f0807ac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:20:26 GMT
content-encoding: br
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:true
via: 1.1 54458302557dcee9766f255184a02288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
age: 1271
x-amzn-requestid: 5fb86544-234c-4d3c-847f-35c180bde1c8
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-didomi-configs-version: 106
x-amzn-trace-id: root=1-664dfdfd-121a32235b1ecb7656119a3d;parent=2a9cc9dc8a2bd7bd;sampled=0;lineage=eaae1266:0
etag: W/"a45e39322efd682a69459980eb1679fd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200, public
x-amz-cf-id: ilKXEc-0RpWaDxfKz03iMZwJpBt3wA5KxMco7ELd2xsZ7ShBQ0fjXg==

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 302 KB
92 KB 590ms
180ms Script
application/javascript 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.nexi.de
URL: https://www.nexi.de/de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee832cf3968ff64c5c8dfb0bd8fba5e2583d727b28c89f71b3664351dce1389

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:41:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPpb1R6XZt0ZwpHfLBB_L_PBHLgn2vg6Urqqty9vhRDsrXr-6i39eDLp3nr0rNmXT81nuMGtTOH6sQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Mon, 20 May 2024 08:50:31 GMT
server: cloudflare
etag: W/"4fb2d5fc8e45743cec5f037e396ebafb"
vary: Accept-Encoding
x-goog-hash: crc32c=/vk9nQ==, md5=T7LV/I5FdDzsXwN+OW66+w==
x-goog-generation: 1716195031157350
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 309243
access-control-expose-headers: *
cf-ray: 888100584eb768fd-FRA
expires: Fri, 23 May 2025 00:41:37 GMT

GET
H/1.1 200
OK KarbonAppMedium.woff2
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ 39 KB
40 KB 263ms
234ms Font
font/woff2 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonAppMedium.woff2

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css
Origin: https://www.nexi.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:37 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:30:02 GMT
ETag: "9a74-616ca41bf916d"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: font/woff2
Access-Control-Allow-Origin: https://www.nexi.de
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK nexinew.ttf
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/ 21 KB
22 KB 135ms
91ms Font
font/ttf 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/nexinew.ttf

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

525ffea0234afc7e31ca14912e889ef7d13a4c2b741db7e737a1244bbd9c0b73

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css
Origin: https://www.nexi.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:37 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:17:54 GMT
ETag: "5360-616ca1661c0ef"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: font/ttf
Access-Control-Allow-Origin: https://www.nexi.de
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21344

GET
H/1.1 200
OK KarbonApp.woff2
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ 40 KB
40 KB 244ms
169ms Font
font/woff2 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonApp.woff2

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css
Origin: https://www.nexi.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:37 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:22:31 GMT
ETag: "9e2c-616ca26dc5034"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: font/woff2
Access-Control-Allow-Origin: https://www.nexi.de
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40492

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/ 519 KB
207 KB 138ms
42ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92f0b552deffbf207cee5389713056c7c3d27e4b9b9edaf29338d01a83c5962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Origin: https://www.nexi.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 11:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210834
x-xss-protection: 0
last-modified: Mon, 13 May 2024 17:44:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 May 2025 11:07:03 GMT

GET
H2 200 sdk.3ac22d02b65ab3c59e774f95f5cd2bbadbcec42a.js Show response
sdk.privacy-center.org/sdk/3ac22d02b65ab3c59e774f95f5cd2bbadbcec42a/modern/ 340 KB
88 KB 49ms
48ms Script
application/javascript 2600:9000:26e8:6200:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/3ac22d02b65ab3c59e774f95f5cd2bbadbcec42a/modern/sdk.3ac22d02b65ab3c59e774f95f5cd2bbadbcec42a.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=www.nexi.de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:6200:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccf1fecbab489e1d7103159f6c74fbe2db9320ef6c56faf3527a0949b50ef006

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 13:36:59 GMT
content-encoding: br
via: 1.1 54458302557dcee9766f255184a02288.cloudfront.net (CloudFront)
last-modified: Wed, 22 May 2024 13:36:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 39879
etag: W/"d6628306462f0c8a88ce193b9e6e9d67-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: LhnbPZhomdqq1qCkE9JzyVAj4_EjuAQlLimNEE_VrY0oANaazpyamQ==

GET
H3 200 ui-gdpr-en-web.3ac22d02b65ab3c59e774f95f5cd2bbadbcec42a.js Show response
sdk.privacy-center.org/sdk/3ac22d02b65ab3c59e774f95f5cd2bbadbcec42a/modern/ 265 KB
55 KB 42ms
42ms Script
application/javascript 3.161.82.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/3ac22d02b65ab3c59e774f95f5cd2bbadbcec42a/modern/ui-gdpr-en-web.3ac22d02b65ab3c59e774f95f5cd2bbadbcec42a.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/3ac22d02b65ab3c59e774f95f5cd2bbadbcec42a/modern/sdk.3ac22d02b65ab3c59e774f95f5cd2bbadbcec42a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 3.161.82.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3534cd8846be31faff3fbf86b8d719f55e89bbdf2543bed7a2594765726f2f6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 13:37:01 GMT
content-encoding: br
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
last-modified: Wed, 22 May 2024 13:36:56 GMT
server: AmazonS3
age: 39877
x-amz-cf-pop: FRA56-P10
etag: W/"530deedfb12873f2009a1d0394122eaa-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: SgoTGoXuis5YkUZknZ6YVSzbc7tl7bxvvqUsqGtTRcrfzDIDzPEhtw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
106 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZC6C4GYW78&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a975d6a5bbe9c3117b33fd0ccd1e6bee30f5bb2b3d8661efc3aba07b8c32d1af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:41:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108259
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 May 2024 00:41:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
83 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-808584846&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ba37a490ce9992db3d48745558019952ad51f2759c79ca1d4d5f6a2211a0552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:41:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84830
x-xss-protection: 0
last-modified: Thu, 23 May 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 00:41:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10302488&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e3b591a29909176505de4710aad63dff37390d9da4728bb4336ba142ee48ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:41:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76917
x-xss-protection: 0
last-modified: Thu, 23 May 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 00:41:37 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 156ms
51ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=895674389.1716424898&url=https%3A%2F%2Fwww.nexi.de%2Fde&dma_cps=-&dma=1&npa=1&gtm=45He45k0n81M7T2WFJv9105342857za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 00:41:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 107ms
107ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10302488&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5f4dbc86da106cd972d62ec543c0d3d11a5383c4cc35ecd7f48c07f5231d0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:41:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76858
x-xss-protection: 0
last-modified: Thu, 23 May 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 00:41:37 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 232 KB
83 KB 119ms
119ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-808584846&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7T2WFJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d0a25a5966fb0024e95bc7802a7e94e78e00fb2a7169a51fbdfa60e8dc5c5f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:41:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84792
x-xss-protection: 0
last-modified: Thu, 23 May 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 00:41:37 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/nexi.de/ 164 B
704 B 249ms
161ms Fetch
application/json 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/nexi.de/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f7744b49b428848b90c08edacdf376301b5a72360d27c4b996fc4bbba70dd74

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:41:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPq9k-UaKmjlYUF6vMh1cSFseoDV4ZlemLROwCLvKrref7UktzQuPT6Wn_YJBLMNkW1rHps
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Mon, 18 Sep 2023 09:58:15 GMT
server: cloudflare
etag: W/"67b3d55b6d36201775c681d5106b9b27"
vary: Accept-Encoding
x-goog-hash: crc32c=ZtX91w==, md5=Z7PVW202IBd1xoHVEGubJw==
x-goog-generation: 1695031095097503
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 164
cf-ray: 8881005d5cc49a09-FRA
expires: Fri, 23 May 2025 00:41:38 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 5806 0
0 152ms
65ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly93d3cubmV4aS5kZTo0NDM.&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=d306in1a802g

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hh4uAsFXNx1BSt0p87T84g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nexi.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hh4uAsFXNx1BSt0p87T84g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 May 2024 00:41:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK KarbonAppSemibold.woff2
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ 39 KB
40 KB 87ms
87ms Font
font/woff2 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonAppSemibold.woff2

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site.min.css
Origin: https://www.nexi.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:38 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:20:05 GMT
ETag: "9b3c-616ca1e28efb1"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: font/woff2
Access-Control-Allow-Origin: https://www.nexi.de
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK Zahlungen-und-noch-viel-mehr.webp
www.nexi.de/content/dam/nexide/img/nexi-de-test/banner/ 8 KB
9 KB 102ms
102ms Image
image/webp 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/banner/Zahlungen-und-noch-viel-mehr.webp

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

d1bd4bba8adc24b19bdb5b6b5b7e2c49cb4c6178c2552252c68d45f2a7061829

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:38 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:21:56 GMT
ETag: "204a-616ca24c37a6b"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/webp
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8266

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 158ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZC6C4GYW78&gtm=45je45m0h2v9119449089z89105342857za200zb9105342857&_p=1716424895435&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dMTc4Zm&tt=external&cid=395481284.1716424899&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1716424898&sct=1&seg=0&dl=https%3A%2F%2Fwww.nexi.de%2Fde&dt=Kartenzahlung%20annehmen%20-%20Bargeldloses%20Bezahlen%20ganz%20einfach.&en=slider&_fv=1&_nsi=1&_ss=1&ep.container_id=GTM-M7T2WFJ&ep.container_version=50&ep.connection_speed=4g&epn.is_internal_traffic=0&epn.device_pixel_ratio=1&ep.content_language=DE&ep.action=impression&ep.label=NEXI%20SMARTPAY&ep.click_url=https%3A%2F%2Fwww.nexi.de%2Fde%2Flandingpages%2Fsmartpay-angebot-0-terminalmiete%23form&epn.position=1&tfd=5031
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZC6C4GYW78&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 00:41:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nexi.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10302488;dc_pre=CNafkoPFooYDFb0OogMdT-IINQ;type=count0;cat=fl-co0;ord=1;num=2190814090823;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.642...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10302488;type=count0;cat=fl-co0;ord=1;num=2190814090823;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=x86;uab=64;uafvl=Google%2520Chrom...
https://ade.googlesyndication.com/ddm/activity/src=10302488;dc_pre=CNafkoPFooYDFb0OogMdT-IINQ;type=count0;cat=fl-co0;ord=1;num=2190814090823;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa...

42 B
118 B

81ms
79ms

Image
image/gif

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10302488;dc_pre=CNafkoPFooYDFb0OogMdT-IINQ;type=count0;cat=fl-co0;ord=1;num=2190814090823;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45m0h2v9181784027z89105342857za201zb9105342857;gcs=G100;gcd=13p3pPp2p5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.nexi.de%2Fde?

Requested by

Host: www.nexi.de
URL: https://www.nexi.de/de

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nexi.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 May 2024 00:41:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 May 2024 00:41:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10302488;dc_pre=CNafkoPFooYDFb0OogMdT-IINQ;type=count0;cat=fl-co0;ord=1;num=2190814090823;npa=1;u1=https%3A%2F%2Fwww.nexi.de%2Fde;gdid=dMTc4Zm;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45m0h2v9181784027z89105342857za201zb9105342857;gcs=G100;gcd=13p3pPp2p5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Fwww.nexi.de%2Fde?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 de-app.json Show response
acsbapp.com/apps/app/dist/js/locale/ 4 KB
2 KB 155ms
155ms Fetch
application/json 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/locale/de-app.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b06d837458d194658b3a4744b4b0a7a012a0b26d3473a99b7aab66d56e321944

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:41:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
age: 0
x-guploader-uploadid: ABPtcPrvWeDYqQIeF0PiboEyb7dItgkWAMbkKuCCzYofSx5Cb0XLF7b3LNROTMkwFORlegtdI4BrQ4ya6Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Mon, 20 May 2024 08:51:10 GMT
server: cloudflare
etag: W/"4b20464e59c71221b5a003350aa73d2c"
x-goog-hash: crc32c=1wpTwA==, md5=SyBGTlnHEiG1oAM1Cqc9LA==
x-goog-generation: 1716195070869376
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 3682
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray: 888100633fae9a09-FRA
expires: Fri, 23 May 2025 00:41:39 GMT

GET
H/1.1 200
OK favicon.png
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/ 801 B
2 KB 90ms
90ms Other
image/png 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

e5c0e42bb6a3f3a244f8724587feb409c48a467a098e94c708bbb58117d41369

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:39 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:25:46 GMT
ETag: "321-616ca32798dea"
X-Frame-Options: SAMEORIGIN
Vary: Origin, Accept-Encoding
Content-Type: image/png
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 801

GET
H/1.1 200
OK favicon.ico
www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/ 34 KB
35 KB 95ms
94ms Other
image/vnd.microsoft.icon 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.de/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

ddcb12028caf567e0f9d6af1adc7e51df78b7c800f99eab2608c11ca47f9b77e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:39 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:17:55 GMT
ETag: "86be-616ca166ebdf2"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/vnd.microsoft.icon
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34494

POST
H2 200 / Show response
accesswidget-log-receiver.acsbapp.com/ 2 B
148 B 175ms
161ms Fetch
text/plain 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://accesswidget-log-receiver.acsbapp.com/
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.nexi.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 23 May 2024 00:41:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 06fda8aefaa4dc4cf595e9f8245747d7
cf-ray: 8881006a0b239a09-FRA
content-length: 2

GET
H/1.1 200
OK MobileTerminal_A920.png
www.nexi.de/content/dam/nexide/img/nexi-de-test/terminals/ 70 KB
71 KB 100ms
99ms Image
image/png 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/terminals/MobileTerminal_A920.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

55d421c2be2e53f5559feaaf7aa83cf3978b352ab3e987c5e0d58dd954ed4a19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:40 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:19:54 GMT
ETag: "118f9-616ca1d86ddee"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/png
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK MobileTerminal_A77.png
www.nexi.de/content/dam/nexide/img/nexi-de-test/terminals/ 87 KB
88 KB 100ms
99ms Image
image/png 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/terminals/MobileTerminal_A77.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

587bcea34aba9f3ebf5af996e04c4fa567a4fbf5fd7ec2cffbea8e9dd7ed15fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:40 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:30:04 GMT
ETag: "15c9a-616ca41e31dcd"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/png
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89242

GET
H/1.1 200
OK Online-Zahlungen.png
www.nexi.de/content/dam/nexide/img/nexi-de-test/situationen/ 108 KB
109 KB 104ms
103ms Image
image/png 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.de/content/dam/nexide/img/nexi-de-test/situationen/Online-Zahlungen.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

1b9cad2c18a34a662717cce755f47da91bf81ef7b450dbe788024c7ab9db677b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.nexi.de/de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 00:41:40 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 23 Apr 2024 21:19:54 GMT
ETag: "1b103-616ca1d873d8a"
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: image/png
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110851

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking)

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.nexi.de/	1969-12-31 23:59:59	Name: TS0168694d Value: 0101a8acbe27ce989059b98e2c371a3b17c8da3fabd872bc66cff435f5cd13dd9437efa6a865005ab826af4fc90b39b565581a3898
			.nexi.de/	1970-01-21 05:34:07	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMThmYTJlNTctNDJjZC02YmNmLWE3M2YtNzkxYTYyNWUyY2MzIiwiY3JlYXRlZCI6IjIwMjQtMDUtMjNUMDA6NDE6MzcuNTgwWiIsInVwZGF0ZWQiOiIyMDI0LTA1LTIzVDAwOjQxOjM3LjU4MVoiLCJ2ZXJzaW9uIjpudWxsfQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accesswidget-log-receiver.acsbapp.com
acsbapp.com
ade.googlesyndication.com
ajax.googleapis.com
cdn.acsbapp.com
concardis.com
nexi.de
pagead2.googlesyndication.com
region1.google-analytics.com
sdk.privacy-center.org
www.concardis.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.nexi.de
142.250.184.194
142.250.185.226
142.250.186.164
185.198.118.126
2001:4860:4802:32::36
217.31.84.121
2600:9000:26e8:6200:5:b7cc:d3c0:93a1
2606:4700:10::6816:1cc
2606:4700:10::ac43:b9b
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:82b::2008
3.161.82.117
020f3c7edd3e41a404743a62b1c130484d4b687e08f7d4c813f1b6e222740071
0f7744b49b428848b90c08edacdf376301b5a72360d27c4b996fc4bbba70dd74
1b9cad2c18a34a662717cce755f47da91bf81ef7b450dbe788024c7ab9db677b
1e520757436f2a4a74e17083fc9b565edbde01b7ce2ac08d6355ae8e0cf2e17f
1ee832cf3968ff64c5c8dfb0bd8fba5e2583d727b28c89f71b3664351dce1389
2499da38e44e9fd4d3b7cf3ce2300ddf2cee7d6556693c1abf1a7f18f6214dd4
28da7d310ed7a61a72e4ac1b2007b9e70a7d57e746b225af447257f202fbb697
2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337
3ba37a490ce9992db3d48745558019952ad51f2759c79ca1d4d5f6a2211a0552
3e3b591a29909176505de4710aad63dff37390d9da4728bb4336ba142ee48ead
3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b
4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08
525ffea0234afc7e31ca14912e889ef7d13a4c2b741db7e737a1244bbd9c0b73
53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323
55d421c2be2e53f5559feaaf7aa83cf3978b352ab3e987c5e0d58dd954ed4a19
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56ac942979d04a52ea5050844008158594c1538eaaf42b227fac43efb9069242
587bcea34aba9f3ebf5af996e04c4fa567a4fbf5fd7ec2cffbea8e9dd7ed15fb
68844220938760928ab8c74d8f7dc64d398167ad47455bb0be5895b56beae3ff
6d0a25a5966fb0024e95bc7802a7e94e78e00fb2a7169a51fbdfa60e8dc5c5f2
7e5006fbc7ec4e982dfefe230e49021bdaa817265abc0960642371733259ee82
83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda
87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9
a463d7ba0746379c5637c7bde2b988eb8966123424ee92c01081652ebaeb45f4
a5f4dbc86da106cd972d62ec543c0d3d11a5383c4cc35ecd7f48c07f5231d0fe
a975d6a5bbe9c3117b33fd0ccd1e6bee30f5bb2b3d8661efc3aba07b8c32d1af
b06d837458d194658b3a4744b4b0a7a012a0b26d3473a99b7aab66d56e321944
b3534cd8846be31faff3fbf86b8d719f55e89bbdf2543bed7a2594765726f2f6
ccf1fecbab489e1d7103159f6c74fbe2db9320ef6c56faf3527a0949b50ef006
d1bd4bba8adc24b19bdb5b6b5b7e2c49cb4c6178c2552252c68d45f2a7061829
dbc19c319db65c1a8c3556c7f115338d3e40794e8bd06928ddaefe45f80f86e3
ddcb12028caf567e0f9d6af1adc7e51df78b7c800f99eab2608c11ca47f9b77e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c0e42bb6a3f3a244f8724587feb409c48a467a098e94c708bbb58117d41369
e92f0b552deffbf207cee5389713056c7c3d27e4b9b9edaf29338d01a83c5962
ee493db8f1bdaedc48fd9bb5b4d52cccb023d296f0ad9956227d1e51e926e26f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0208b5ec10ee5ae4b97615ac8ee6d69d0fdc04616df544194731bce4db3dbb6
f4f98335eea86d39da6de2a0913ffdbf50ce1288427f9780731e6bd53f0807ac
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f80a687af1632efb2cf19618deadf28d35c5923ba966aff098232210d40ca5cd
ffa0d73df7be6de65c415956a96727b4f6b4bd6bc176c25d9fb2a5fb3458f5ad

www.nexi.de Open in urlscan Pro 185.198.118.126 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

54 %IPv6

10 Domains

15 Subdomains

13 IPs

3 Countries

3713 kBTransfer

6146 kBSize

2 Cookies

11 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nexi.de Open in urlscan Pro
185.198.118.126 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

54 %
IPv6

10
Domains

15
Subdomains

13
IPs

3
Countries

3713 kB
Transfer

6146 kB
Size

2
Cookies

44 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!