urlscan.io logo urlscan.io
SecurityTrails logo

normativa-psd2-web.com Open in urlscan Pro
2a02:4780:13:912:0:1644:4914:1  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://normativa-psd2-web.com/info/bnl/
Submission Tags: 7579565
Submission: On July 06 via api from NL — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 45 HTTP transactions. The main IP is 2a02:4780:13:912:0:1644:4914:1, located in Cyprus and belongs to AS-HOSTINGER, CY. The main domain is normativa-psd2-web.com.
TLS certificate: Issued by R3 on July 5th 2022. Valid for: 3 months.
This is the only time normativa-psd2-web.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

IP Address AS Autonomous System
2 2a02:4780:13:... 47583 (AS-HOSTINGER)
7 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700:310... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
23 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
45 9
2    2a02:4780:13:912:0:1644:4914:1 (Cyprus)

ASN47583 (AS-HOSTINGER, CY)
normativa-psd2-web.com
7    2a02:26f0:6c00:281::4445 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
banking.bnl.it
bnl.it
1    2606:4700:3108::ac42:285e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn0.iconfinder.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
23    2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
23 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 8273
va.tawk.to — Cisco Umbrella Rank: 7866
195 KB
7 bnl.it
banking.bnl.it
bnl.it — Cisco Umbrella Rank: 430988
649 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
2 KB
2 normativa-psd2-web.com
normativa-psd2-web.com
7 KB
1 gstatic.com
fonts.gstatic.com
24 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 429
39 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 630
32 KB
1 iconfinder.com
cdn0.iconfinder.com — Cisco Umbrella Rank: 84832
4 KB
45 8
Domain Requested by
18 embed.tawk.to normativa-psd2-web.com
embed.tawk.to
6 banking.bnl.it normativa-psd2-web.com
banking.bnl.it
5 va.tawk.to embed.tawk.to
3 fonts.googleapis.com embed.tawk.to
2 normativa-psd2-web.com code.jquery.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net embed.tawk.to
1 bnl.it banking.bnl.it
1 code.jquery.com normativa-psd2-web.com
1 cdn0.iconfinder.com normativa-psd2-web.com
45 10
Subject Issuer Validity Valid
normativa-psd2-web.com
R3		 2022-07-05 -
2022-10-03		 3 months crt.sh
bnl01.bnpparibas.com
DigiCert SHA2 Extended Validation Server CA		 2021-09-24 -
2022-09-23		 a year crt.sh
*.iconfinder.com
E1		 2022-06-15 -
2022-09-13		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-28 -
2023-05-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://normativa-psd2-web.com/info/bnl/
Frame ID: F846D08A00E851B4486015B6AF6ADBC2
Requests: 36 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css
Frame ID: 9B170677654BF60FC5187BC55218C40C
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css
Frame ID: B1D165926483BE8D17A04283CCEFF657
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css
Frame ID: A3686300B3A34F79E36B7BE646999523
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/
Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

45
Requests

87 %
HTTPS

100 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

953 kB
Transfer

2228 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
normativa-psd2-web.com/info/bnl/ 		47 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://normativa-psd2-web.com/info/bnl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:912:0:1644:4914:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0f1fbc0a5f423e0ef6cbdf94a7f7eb147e5d89669451641b171d55b3924fa8cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
6699
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Wed, 06 Jul 2022 08:26:24 GMT
etag
"bb43-62c42f8d-4ddee2040081e9;br"
last-modified
Tue, 05 Jul 2022 12:33:17 GMT
server
LiteSpeed
vary
Accept-Encoding
footer-icons.css
banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/css/ 		2 B
460 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/css/footer-icons.css
Requested by
Host: normativa-psd2-web.com
URL: https://normativa-psd2-web.com/info/bnl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::4445 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 08:26:25 GMT
Vary
Host
Last-Modified
Tue, 01 Dec 2020 09:48:34 GMT
x-frame-options
SAMEORIGIN
ETag
"2-5b56407bc5dcc"
Strict-Transport-Security
max-age=15768000
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css;charset=utf-8
Content-Length
2
x-content-type-options
nosniff
hb-login.css
banking.bnl.it/hb-login/theme/bnl/css/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.bnl.it/hb-login/theme/bnl/css/hb-login.css
Requested by
Host: normativa-psd2-web.com
URL: https://normativa-psd2-web.com/info/bnl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::4445 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ Servlet/3.0
Resource Hash
31e77ecae8b2766fbe277dd3dcf6be2c5872d6a5f1836e123b73a6b02c204874
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 08:26:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 15:08:40 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-powered-by
Servlet/3.0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000
Content-Language
en-US
Connection
keep-alive
Content-Type
text/css
Content-Length
2138
clientlib-redational-page-login.min.css
banking.bnl.it/etc.clientlibs/bnl-private/clientlibs/ 		431 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.bnl.it/etc.clientlibs/bnl-private/clientlibs/clientlib-redational-page-login.min.css
Requested by
Host: normativa-psd2-web.com
URL: https://normativa-psd2-web.com/info/bnl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::4445 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c6c0110847b188f2cb2010d57d69a380811f0e87588d943a216dc644b8aee782
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 08:26:25 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
Last-Modified
Tue, 21 Jun 2022 20:29:17 GMT
ETag
"6bc7e-5e1fb13264dcb"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive, Transfer-Encoding
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Content-Type
text/css;charset=utf-8
Vary
Accept-Encoding
Error-512.png
cdn0.iconfinder.com/data/icons/shift-free/32/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn0.iconfinder.com/data/icons/shift-free/32/Error-512.png
Requested by
Host: normativa-psd2-web.com
URL: https://normativa-psd2-web.com/info/bnl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:285e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18dfca40d83a20a5bb0b627de61ae659248c1c39953b44e5cf5da7fed4f6685
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:25 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=12160
content-disposition
inline; filename="Error-512.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3916
x-request-id
42faabf4-8029-4d96-92d1-cb4ce3099603
expires
Thu, 06 Jul 2023 08:26:25 GMT
last-modified
Wed, 06 Jul 2022 07:28:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
*
vary
Accept
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7266f492be64baf3-MXP
cf-bgj
imgq:100,h2pri
trasparenza_BNL-1.jpg
banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/footer/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/footer/trasparenza_BNL-1.jpg
Requested by
Host: normativa-psd2-web.com
URL: https://normativa-psd2-web.com/info/bnl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::4445 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
24b7fc7a5247a3ccb0216515023889adce611b2ca852efd2223509caeb81b9a9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 08:26:25 GMT
Vary
Host,Accept-Encoding
Last-Modified
Mon, 08 Feb 2021 11:50:26 GMT
x-frame-options
SAMEORIGIN
ETag
"4ccd-5bad1c69adff0"
Strict-Transport-Security
max-age=15768000
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
19661
clientlib-redational-page-login.min.js
banking.bnl.it/etc.clientlibs/bnl-private/clientlibs/ 		560 KB
561 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.bnl.it/etc.clientlibs/bnl-private/clientlibs/clientlib-redational-page-login.min.js
Requested by
Host: normativa-psd2-web.com
URL: https://normativa-psd2-web.com/info/bnl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::4445 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
32ad9964e6874a05463783512128f03ec3d46bab8f47ba0efcb7920f60722fc2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 08:26:25 GMT
x-content-type-options
nosniff
Last-Modified
Tue, 21 Jun 2022 20:29:15 GMT
x-frame-options
SAMEORIGIN
ETag
"8c1d3-5e1fb1302445e"
Strict-Transport-Security
max-age=15768000
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript;charset=utf-8
Content-Length
573907
jquery-1.9.1.min.js
code.jquery.com/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: normativa-psd2-web.com
URL: https://normativa-psd2-web.com/info/bnl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:25 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1657095985.dop010.ml1.t,1657095985.cds004.ml1.hn,1657095985.cds011.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
bnl_payoff_transparent.png
banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/ 		2 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/bnl_payoff_transparent.png
Requested by
Host: normativa-psd2-web.com
URL: https://normativa-psd2-web.com/info/bnl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::4445 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 08:26:25 GMT
Vary
Host
Last-Modified
Tue, 01 Dec 2020 09:33:44 GMT
x-frame-options
SAMEORIGIN
ETag
"2-5b563d2af7ab9"
Strict-Transport-Security
max-age=15768000
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png;charset=iso-8859-1
Content-Length
2
x-content-type-options
nosniff
bnl_logo_transparent.png
bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/bnl_logo_transparent.png
Requested by
Host: banking.bnl.it
URL: https://banking.bnl.it/etc.clientlibs/bnl-private/clientlibs/clientlib-redational-page-login.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::4445 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f37e40f466d79806853f3758a33da54b5df0794d81a070973e9d5d1ae4636a3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://banking.bnl.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 08:26:25 GMT
Vary
Host,Accept-Encoding
Last-Modified
Thu, 24 Feb 2022 09:50:43 GMT
x-frame-options
SAMEORIGIN
ETag
"2d9a-5d8c08400dd61"
Strict-Transport-Security
max-age=15768000
p3p
CP="NON CUR OTPi OUR NOR UNI"
Access-Control-Allow-Origin
https://bnl.it
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
11674
Expires
Wed, 06 Jul 2022 08:46:25 GMT
bnpp-sans.woff
banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/ 		0
0
bnpp-sans-bold.woff
banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/ 		0
0
bnpp-sans-light.woff
banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/ 		0
0
1g3gnbin8
embed.tawk.to/624353af2abe5b455fc23a66/ 		2 KB
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/624353af2abe5b455fc23a66/1g3gnbin8
Requested by
Host: normativa-psd2-web.com
URL: https://normativa-psd2-web.com/info/bnl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fb8e7042e3340884bddb8930e7d370d86312b65ce59cf8c72eb37e79abd84a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://normativa-psd2-web.com/
Origin
https://normativa-psd2-web.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
273
etag
W/"stable-v4-62835fee0eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
7266f4976a8659d1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bnpp-sans-bold.ttf
banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/ 		0
0
bnpp-sans-light.ttf
banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/ 		0
0
bnpp-sans.ttf
banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/ 		0
0
access.php
normativa-psd2-web.com/info/bnl/panel/ 		88 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://normativa-psd2-web.com/info/bnl/panel/access.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:912:0:1644:4914:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.30
Resource Hash
fea1078f1c89033344ccd1179dfb9e24cd64acddbccbc9157997348f194e9367
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept
*/*
Referer
https://normativa-psd2-web.com/info/bnl/
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 08:26:26 GMT
content-length
92
twk-main.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		121 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/624353af2abe5b455fc23a66/1g3gnbin8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://normativa-psd2-web.com/
Origin
https://normativa-psd2-web.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
71443
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f498cd2f59d1-MXP
twk-vendor.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/624353af2abe5b455fc23a66/1g3gnbin8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://normativa-psd2-web.com/
Origin
https://normativa-psd2-web.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
71442
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f498cd3259d1-MXP
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		206 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/624353af2abe5b455fc23a66/1g3gnbin8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5b1592fa8ab8256ceae1cf00cbe53ad23b82f85964514f421492df2a8735d2f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://normativa-psd2-web.com/
Origin
https://normativa-psd2-web.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
71442
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"0022ca6ee8862a21867d497826b1d4ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f498cd3459d1-MXP
twk-chunk-common.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		157 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/624353af2abe5b455fc23a66/1g3gnbin8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f0aef9670e1b3f32b79f61f847d0f470c062a9d17ff4c0a8ce2517710ff3411
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://normativa-psd2-web.com/
Origin
https://normativa-psd2-web.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
71442
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"a971da9828a19bc856261914c19bc242"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f498cd3559d1-MXP
twk-runtime.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/624353af2abe5b455fc23a66/1g3gnbin8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
161f78f0d9ea5a5025a082c14b694df6ca43e2d48db62ee35f3368ff3da02cc1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://normativa-psd2-web.com/
Origin
https://normativa-psd2-web.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
71443
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"a15483b174cf94cb489a53ce9789161d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f498cd3659d1-MXP
twk-app.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		151 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/624353af2abe5b455fc23a66/1g3gnbin8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://normativa-psd2-web.com/
Origin
https://normativa-psd2-web.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
71443
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f498cd3759d1-MXP
widget-settings
va.tawk.to/v1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=624353af2abe5b455fc23a66&widgetId=1g3gnbin8&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82aa4147515da5554c7e22dd86e50170d92e2ce74902ebe4db2c8bbd9ab497f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
273
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-06rs
server
cloudflare
etag
W/"2-36-2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
7266f4997e4559d1-MXP
access-control-allow-headers
content-type,x-tawk-token
start
va.tawk.to/v1/session/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e407cdc37ebed0fa913cba6dc8f889f6557f30a2882d102ebee229547042ab5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://normativa-psd2-web.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-wm6l
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://normativa-psd2-web.com
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
7266f49a6a4bbaff-MXP
access-control-allow-headers
content-type,x-tawk-token
start
va.tawk.to/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://normativa-psd2-web.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://normativa-psd2-web.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7266f4997e4a59d1-MXP
date
Wed, 06 Jul 2022 08:26:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-x8jx
it.js
embed.tawk.to/_s/v4/app/62835fee0eb/languages/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/languages/it.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3256bdcc1e5248561caa53d35eb25848e0eb40e9ea2764f2d267e09596fb09bf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1128290
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:37 GMT
server
cloudflare
etag
W/"ef5649090c858d18286c91171015fbdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f499c93fbaff-MXP
twk-chunk-2d0d2b7c.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fee6dec9e7d648ac6be3c030ffc99fd2ac5f73398212f4cb2e43d7cdc28282ed
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1128347
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"1180d712a02848854eab38e1736e2616"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f49e7946baff-MXP
twk-chunk-696bc286.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-696bc286.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9014e413a2ed0a5b777c417873a254729ce6bb5fdca039a4dd5abd04417db98d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1128347
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"6712af3933a068dc9ca1293e0c2c828f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f49e7949baff-MXP
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-48f46bef.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b53c5a235af3613d1964d3678ac26432071b1eae951590b84f14ea839a5678
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1128347
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"601eb77cd91dcb708add40ebe9d149e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f49e794bbaff-MXP
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		942 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1128347
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f49e794dbaff-MXP
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		546 B
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1128347
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"09c3819d373bd4178a620d721429fada"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f49e794ebaff-MXP
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-f163fcd0.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1128347
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"5d825157bfbb4872b9ce8ea19e5eb7e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f49e7950baff-MXP
twk-chunk-32507910.js
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-32507910.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b601109f6454a4cdb28a089947fbaefcce2e471efcfdc60cc6869c9c36417e14
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1128347
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"006d5eeef6485daa02180491bbfb5485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f49e7952baff-MXP
message-preview.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame 9B17 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1128347
cf-polished
origSize=37650
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f49ec9c8baff-MXP
cf-bgj
minify
min-widget.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame B1D1 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1128347
cf-polished
origSize=25050
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f49eea04baff-MXP
cf-bgj
minify
max-widget.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame A368 		73 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef158b41b948a026674ff4d4780d40958e066c3c79b40748d091bb8123a9da6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1128347
cf-polished
origSize=74594
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 17 May 2022 08:44:36 GMT
server
cloudflare
etag
W/"0d4a703e4e6f73ee4b1a0e152481a4c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
7266f49f0a4fbaff-MXP
cf-bgj
minify
css
fonts.googleapis.com/ Frame 9B17 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 07:14:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 08:26:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Jul 2022 08:26:27 GMT
css
fonts.googleapis.com/ Frame B1D1 		7 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 07:49:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 08:26:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Jul 2022 08:26:27 GMT
css
fonts.googleapis.com/ Frame A368 		7 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 07:06:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 08:26:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Jul 2022 08:26:27 GMT
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 		295 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://normativa-psd2-web.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:26:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1128292
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19137-FRA, cache-iad-kiad7000101-IAD
timing-allow-origin
*
server
cloudflare
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpdQKj%2BlBj4xbag9gJfBp4gJBF%2FzwBZUR1Fu2Auzl0os8TShKT3IkS%2BadWvuiSRWRl66yLfEfqafIcmI%2FHnrjMRCSrSrRMPHjW3s27B8sw5sBfeMPmeFuMcBjNAwzkDFHbVaQXblYUsuo8ksRv4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
7266f4a039debb03-MXP
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame B1D1 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://normativa-psd2-web.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 17:07:14 GMT
x-content-type-options
nosniff
age
55153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 17:07:14 GMT
v3
va.tawk.to/log-performance/ 		5 B
351 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://normativa-psd2-web.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Wed, 06 Jul 2022 08:26:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-hs52
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://normativa-psd2-web.com
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
7266f4a3bfabbabe-MXP
access-control-allow-headers
content-type,x-tawk-token
v3
va.tawk.to/log-performance/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://normativa-psd2-web.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://normativa-psd2-web.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7266f4a26d66babe-MXP
date
Wed, 06 Jul 2022 08:26:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-k4gq

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
banking.bnl.it
URL
https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.woff
Domain
banking.bnl.it
URL
https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-bold.woff
Domain
banking.bnl.it
URL
https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-light.woff
Domain
banking.bnl.it
URL
https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-bold.ttf
Domain
banking.bnl.it
URL
https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-light.ttf
Domain
banking.bnl.it
URL
https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| sfAxes1 string| sfAxes2 string| sfAxes3 string| sfAxes4 string| sfSiteId string| sfCookieErrorPage string| sfCustomerDacLevel string| userWelcomeBoxConfigurationURL string| dialogTemplate function| createNotifyDialog function| createGenericDialog function| showDialog function| showDialogOnTop function| wrapPopupContent object| HBNotify object| bnpp undefined| urlAnalyticScriptBody undefined| urlAnalyticScriptHead undefined| analyticsScript undefined| s undefined| urlCelebrusScript undefined| celebrusScript function| loadGtmCommon undefined| viewportSize undefined| slidingDimension function| _dimensions function| getFooterBodyHeight function| setHambMenuBodySize function| parenthesisFix function| pageSetup function| setHeaderVariables function| setFooterVariables function| setContactsVariables function| goTo function| showModalOriginal function| showModal function| addCssOpenCta function| addScriptOpenCta function| launchEventOpenCta function| admittedFormPages function| showContattiModal function| isSmallDevice function| openCurrentBranch function| animateHamburgerMenu function| hamburgerMenuIn function| hamburgerMenuOut function| loadHamburgerMenuAdditionalItems function| getMobileOperatingSystem function| isiOS function| isAndroid function| animateMore function| verticalTap function| trackCode undefined| currentNode undefined| currentBackNode undefined| currentVertical function| node function| initSitemap function| getCurrentNode function| getCurrentVertical function| getHamburgerMenuSitemap function| updateSitemap function| getNodeById function| forward function| back function| getHamburgerMenuBack function| printNode function| isEven function| isOdd function| getHamburgerMenuBody function| findNodeByLabelKey function| getVerticalsNode function| getFooterSitemap function| resetSitemap function| animateAccordion function| initLegalModule function| initializeShareModule function| initializeShareButton function| initializeC2aShareButton undefined| uniqID undefined| iframeApiAddress undefined| useHttps undefined| tag undefined| scriptSrc undefined| firstScriptTag undefined| player function| stopVideo function| applyCarousel undefined| tileCode function| generateTiles function| isExternalLink function| applyTileTemplate function| animatePageInjector function| initializeInjectedComponent function| injectContentMultipageInjector function| initializeMultipageInjector function| injectContentTabPageInjector function| initializeTabPageInjector function| linkContatti undefined| navigationConfig undefined| wcmFSSOContextPath function| dynamicSelfAppointmentInit function| buildHTMLSelfAppointmentContainer function| prepareHTMLSelfAppointmentContainer function| downloadSelfAppointmentAppCss function| downloadSelfAppointmentAppJS function| existSelfAppointmentCTA function| downloadSelfAppointmentAppJSCompleted function| $ function| jQuery function| DP_jQuery_1657095985741 object| OpenAjax function| _badParm function| _valPub function| _valSub function| _cacheIt function| _TopicMatcher function| _isCaching function| _copy object| PageBus boolean| mCustomScrollbar object| jQuery111104442452809955868 object| Tawk_API object| Tawk_LoadStart object| jQuery191012478519043352065 string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp object| regeneratorRuntime function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| emojione

3 Cookies

Domain/Path Name / Value
normativa-psd2-web.com/ Name: twk_idm_key
Value: TNB7jx39az56qZzaALIEj
normativa-psd2-web.com/ Name: TawkConnectionTime
Value: 0
.normativa-psd2-web.com/ Name: twk_uuid_624353af2abe5b455fc23a66
Value: %7B%22uuid%22%3A%221.1f4Wx28ogrBqazBSWbJnrBzoIX2yaYzXh29V8DcpMVOyfuZDlv1a6ola1CsMBVRSn2i3i5D8RuncmRuT57zeXUwbnI2yPvUvIG3beAmhQjCSzfF0kzCeqvpz2zoUBY4fwiw7uwuSKLsJT63eMqxM4svjT59odZ%22%2C%22version%22%3A3%2C%22domain%22%3A%22normativa-psd2-web.com%22%2C%22ts%22%3A1657095986940%7D

15 Console Messages

Source Level URL
Text
rendering warning URL: https://normativa-psd2-web.com/info/bnl/(Line 11)
Message:
The value "" for key "initial-scale" is invalid, and has been ignored.
rendering warning URL: https://normativa-psd2-web.com/info/bnl/(Line 11)
Message:
The value "" for key "maximum-scale" is invalid, and has been ignored.
rendering warning URL: https://normativa-psd2-web.com/info/bnl/(Line 11)
Message:
The value "" for key "minimum-scale" is invalid, and has been ignored.
javascript error URL: https://normativa-psd2-web.com/info/bnl/
Message:
Access to font at 'https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-bold.woff' from origin 'https://normativa-psd2-web.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-bold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://normativa-psd2-web.com/info/bnl/
Message:
Access to font at 'https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-light.woff' from origin 'https://normativa-psd2-web.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-light.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://normativa-psd2-web.com/info/bnl/
Message:
Access to font at 'https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.woff' from origin 'https://normativa-psd2-web.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://normativa-psd2-web.com/info/bnl/
Message:
Access to font at 'https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-bold.ttf' from origin 'https://normativa-psd2-web.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-bold.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://normativa-psd2-web.com/info/bnl/
Message:
Access to font at 'https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-light.ttf' from origin 'https://normativa-psd2-web.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans-light.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://normativa-psd2-web.com/info/bnl/
Message:
Access to font at 'https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.ttf' from origin 'https://normativa-psd2-web.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banking.bnl.it/etc.clientlibs/bnl/clientlibs/clientlib-all/resources/fonts/bnpp-sans/bnpp-sans.ttf
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banking.bnl.it
bnl.it
cdn.jsdelivr.net
cdn0.iconfinder.com
code.jquery.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
normativa-psd2-web.com
va.tawk.to
banking.bnl.it
2001:4de0:ac18::1:a:3b
2606:4700:10::6816:1983
2606:4700:3108::ac42:285e
2606:4700::6810:5914
2a00:1450:4001:80b::2003
2a00:1450:4001:828::200a
2a02:26f0:6c00:281::4445
2a02:4780:13:912:0:1644:4914:1
07fb8e7042e3340884bddb8930e7d370d86312b65ce59cf8c72eb37e79abd84a
08b53c5a235af3613d1964d3678ac26432071b1eae951590b84f14ea839a5678
0f0aef9670e1b3f32b79f61f847d0f470c062a9d17ff4c0a8ce2517710ff3411
0f1fbc0a5f423e0ef6cbdf94a7f7eb147e5d89669451641b171d55b3924fa8cf
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
161f78f0d9ea5a5025a082c14b694df6ca43e2d48db62ee35f3368ff3da02cc1
1e407cdc37ebed0fa913cba6dc8f889f6557f30a2882d102ebee229547042ab5
24b7fc7a5247a3ccb0216515023889adce611b2ca852efd2223509caeb81b9a9
31e77ecae8b2766fbe277dd3dcf6be2c5872d6a5f1836e123b73a6b02c204874
3256bdcc1e5248561caa53d35eb25848e0eb40e9ea2764f2d267e09596fb09bf
32ad9964e6874a05463783512128f03ec3d46bab8f47ba0efcb7920f60722fc2
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
4ef158b41b948a026674ff4d4780d40958e066c3c79b40748d091bb8123a9da6
4f37e40f466d79806853f3758a33da54b5df0794d81a070973e9d5d1ae4636a3
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
9014e413a2ed0a5b777c417873a254729ce6bb5fdca039a4dd5abd04417db98d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
b5b1592fa8ab8256ceae1cf00cbe53ad23b82f85964514f421492df2a8735d2f
b601109f6454a4cdb28a089947fbaefcce2e471efcfdc60cc6869c9c36417e14
b82aa4147515da5554c7e22dd86e50170d92e2ce74902ebe4db2c8bbd9ab497f
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
c6c0110847b188f2cb2010d57d69a380811f0e87588d943a216dc644b8aee782
d18dfca40d83a20a5bb0b627de61ae659248c1c39953b44e5cf5da7fed4f6685
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
fea1078f1c89033344ccd1179dfb9e24cd64acddbccbc9157997348f194e9367
fee6dec9e7d648ac6be3c030ffc99fd2ac5f73398212f4cb2e43d7cdc28282ed