www.nexi.swiss Open in urlscan Pro
185.198.117.126 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.nexi.swiss/
Effective URL:
https://www.nexi.swiss/de
Submission: On April 09 via api (April 9th 2024, 3:12:21 pm UTC) from US — Scanned from US

Summary HTTP 30 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 30 HTTP transactions. The main IP is 185.198.117.126, located in Italy and belongs to NEXI-AS, IT. The main domain is www.nexi.swiss.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 8th 2023. Valid for: a year.

This is the only time www.nexi.swiss was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 18	185.198.117.126 185.198.117.126	35051 (NEXI-AS) (NEXI-AS)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
3	2600:9000:251... 2600:9000:2510:8600:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
30	10

18 185.198.117.126 (Italy) 1 redirects

ASN35051 (NEXI-AS, IT)

www.nexi.swiss	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2510:8600:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:b9b (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	nexi.swiss 1 redirects www.nexi.swiss	5 MB
3	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 6772 cdn.acsbapp.com — Cisco Umbrella Rank: 7268	95 KB
3	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 4768	164 KB
2	google.com www.google.com — Cisco Umbrella Rank: 5	883 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	200 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 99	254 B
1	gstatic.com www.gstatic.com	199 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 746	31 KB
30	8

	Domain	Requested by
18	www.nexi.swiss	1 redirects www.nexi.swiss
3	sdk.privacy-center.org	www.nexi.swiss sdk.privacy-center.org
2	acsbapp.com	www.nexi.swiss acsbapp.com
2	www.google.com	www.nexi.swiss www.gstatic.com
2	www.googletagmanager.com	www.nexi.swiss www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	cdn.acsbapp.com	acsbapp.com
1	www.gstatic.com	www.google.com
1	ajax.googleapis.com	www.nexi.swiss
30	9

This site contains links to these domains. Also see Links.

Domain
accessibe.com
www.nexigroup.com
fa-ewwx-saasfaprod1.fa.ocs.oraclecloud.com
swiss.us8.list-manage.com
nets.whistleblowernetwork.net
www.facebook.com
www.youtube.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
www.nexi.swiss Sectigo RSA Domain Validation Secure Server CA	`2023-08-08` - `2024-09-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.privacy-center.org Amazon RSA 2048 M03	`2024-03-10` - `2025-04-07`	a year	crt.sh
acsbapp.com GTS CA 1P5	`2024-02-23` - `2024-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.nexi.swiss/de
Frame ID: 9E3992D9EBC872E1ED3ECA63EA0E158A
Requests: 30 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly93d3cubmV4aS5zd2lzczo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=65fyucxxdf07
Frame ID: A867FF7FA02CCD0BFFDDD6257CAECD02
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bezahllösungen für Ihr Geschäft | Nexi Schweiz - Ihr Payment Partner

Page URL History Show full URLs

https://www.nexi.swiss/ HTTP 302
https://www.nexi.swiss/de Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

30
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

5626 kB
Transfer

7351 kB
Size

2
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Leitfaden für barrierefreie Bildschirmlesegeräte, Feedback und Fehlerberichte

Search URL Search Domain Scan URL

URL: https://www.nexigroup.com/en/people/careers/job-openings/
Title: Karriere

Search URL Search Domain Scan URL

URL: https://fa-ewwx-saasfaprod1.fa.ocs.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1/requisitions?location=Switzerland&locationId=300000000459805&locationLevel=country&mode=location
Title: Offene Stellen

Search URL Search Domain Scan URL

URL: https://swiss.us8.list-manage.com/subscribe?u=5499351b1fd3acaee7035c37d&id=1b9d7fcfd8
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://nets.whistleblowernetwork.net/setup
Title: Hinweisgebersystem

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nexiswitzerland

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC_wHSOuUNhK7L1r8W00KaTw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/nexi-switzerland/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nexi.switzerland/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.nexi.swiss/ HTTP 302
https://www.nexi.swiss/de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request de Show response
www.nexi.swiss/
Redirect Chain

https://www.nexi.swiss/
https://www.nexi.swiss/de

76 KB
21 KB

116ms
115ms

Document
text/html

185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.swiss/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

74e51981ea1042ac1d4bd01ae861afa95ad88282678735b7c78a7341abf5bd8c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Apr 2024 15:12:14 GMT
ETag: "12fc4-615a44cde2907"
Keep-Alive: timeout=5, max=83
Last-Modified: Tue, 09 Apr 2024 06:47:48 GMT
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 09 Apr 2024 15:12:14 GMT
Keep-Alive: timeout=5, max=85
Location: https://www.nexi.swiss/de
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
uniqueid: 356377d2933f5f2556974d0a42f036dd

GET
H/1.1 200
OK clientlib-site.css
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/ 289 KB
80 KB 213ms
123ms Stylesheet
text/css 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site.css

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

16d1130503387aa924cf223ff72a029d402ead92f5c6366798aa57582bc97e7f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:14 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: Keep-Alive
Last-Modified: Wed, 03 Apr 2024 13:52:49 GMT
ETag: "482bc-6153189c85aeb"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Content-Type: text/css
Cache-Control: max-age=8380800, public
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Keep-Alive: timeout=5, max=86

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 36ms
5ms Script
text/javascript 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 14:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Apr 2025 14:16:00 GMT

GET
H/1.1 200
OK nexi-logo-white.svg
www.nexi.swiss/content/dam/nexinew/icone/ 2 KB
3 KB 330ms
112ms Image
image/svg+xml 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.swiss/content/dam/nexinew/icone/nexi-logo-white.svg

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:14 GMT
Content-Security-Policy: frame-ancestors 'self'
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: Keep-Alive
Last-Modified: Wed, 03 Apr 2024 13:52:55 GMT
ETag: "72c-615318a1e0491"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Cache-Control: max-age=8380800, public
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Keep-Alive: timeout=5, max=79

GET
H/1.1 200
OK nexi-logo-dark.svg
www.nexi.swiss/content/dam/nexinew/icone/ 2 KB
3 KB 352ms
128ms Image
image/svg+xml 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.swiss/content/dam/nexinew/icone/nexi-logo-dark.svg

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:14 GMT
Content-Security-Policy: frame-ancestors 'self'
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: Keep-Alive
Content-Length: 2298
Last-Modified: Wed, 03 Apr 2024 13:53:11 GMT
ETag: "8fa-615318b139bbf"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Cache-Control: max-age=8380800, public
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Keep-Alive: timeout=5, max=71

GET
H/1.1 200
OK DE-Spring-Offer-1920x1080.webp
www.nexi.swiss/content/dam/nexich/img/offer/ 207 KB
208 KB 224ms
224ms Image
image/webp 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.swiss/content/dam/nexich/img/offer/DE-Spring-Offer-1920x1080.webp

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

b69f81a22e01c8d3ff33d004cdb7e5e0ed711a1d7dd66e998f5d2d3382d0d750

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:14 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 04 Apr 2024 12:54:37 GMT
ETag: "33a20-61544d77c0ba7"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=8380800, public
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Keep-Alive: timeout=5, max=78

GET
H/1.1 200
OK Home_Slide-Offer.png
www.nexi.swiss/content/dam/nexich/desktop/home/ 3 MB
3 MB 122ms
122ms Image
image/png 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.swiss/content/dam/nexich/desktop/home/Home_Slide-Offer.png

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

cb21219cb43b49ba2a9186786d42843956614f6d1374bac21ce276f336da5c6d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:14 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Mon, 25 Mar 2024 07:06:16 GMT
ETag: "3146f4-61476cf4e5f94"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=8380800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Content-Length: 3229428
Keep-Alive: timeout=5, max=80

GET
H/1.1 200
OK Home_Slide-Offer2.png
www.nexi.swiss/content/dam/nexich/desktop/home/ 341 KB
342 KB 112ms
110ms Image
image/png 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.swiss/content/dam/nexich/desktop/home/Home_Slide-Offer2.png

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

cbc0db4c7cf95a8e6110801f0a85010d839580fcc71bbae20186e737c382d0e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:15 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Mon, 25 Mar 2024 07:05:35 GMT
ETag: "552a7-61476ccd6378f"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=8380800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Content-Length: 348839
Keep-Alive: timeout=5, max=69

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 307 KB
100 KB 92ms
54ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NT44S8P

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

160fee54e9090c2b8d222e194c95403acd375cd09ff16436675f9686f3008283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:12:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102243
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Apr 2024 15:12:15 GMT

GET
H/1.1 200
OK clientlib-site.js Show response
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/ 838 KB
839 KB 532ms
112ms Script
application/javascript 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site.js

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

56ac942979d04a52ea5050844008158594c1538eaaf42b227fac43efb9069242

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:15 GMT
Content-Security-Policy: frame-ancestors 'self'
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection: Keep-Alive
Content-Length: 858427
Last-Modified: Wed, 03 Apr 2024 13:52:56 GMT
ETag: "d193b-615318a2fac30"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: max-age=8380800, public
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Keep-Alive: timeout=5, max=67

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
883 B 55ms
30ms Script
text/javascript 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0ed21627124aa5aeb1dca86e27753296b1c43447a6f6a8dd18cce90f73b27e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 Apr 2024 15:12:15 GMT

GET
H/1.1 200
OK 1 Show response
www.nexi.swiss/g78f9/in/356377d2933f5f2556974d0a42f036dd/2/ 0
829 B 133ms
131ms Script
text/plain 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexi.swiss/g78f9/in/356377d2933f5f2556974d0a42f036dd/2/1?t=1712675534
Requested by: Host: www.nexi.swiss
URL: https://www.nexi.swiss/de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 09 Apr 2024 15:12:15 GMT
Cache-Control: no-cache, no-store, proxy-revalidate, no-transform, must-revalidate
Content-Length: 0
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 loader.js Show response
sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/ 56 KB
21 KB 373ms
332ms Script
application/javascript 2600:9000:2510:8600:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=www.nexi.swiss
Requested by: Host: www.nexi.swiss
URL: https://www.nexi.swiss/de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3bb86e63c59a78794a756ae2bf0239dfc1dc8cd1a768690390e6791b7179925

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:12:15 GMT
x-didomi-configs-version: 100
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:true
content-encoding: br
via: 1.1 241db89625f6ef70a00b0e19e0cfc332.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-amzn-requestid: 31e90f6a-f1b9-4b6a-9c36-80ed57970a80
etag: W/"37466bdf3fcdc7abf80f56c5dd3a7cc7"
vary: Accept-Encoding
x-amzn-trace-id: root=1-66155acf-7967e9b92738c1f017e0fe6d;parent=7aa5a5f6dcb8d315;sampled=0;lineage=eaae1266:0
content-type: application/javascript; charset=utf-8
x-cache: Miss from cloudfront
cache-control: max-age=7200, public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: uSa6a_G9L-pycyCLH6dQ5s7JRrNjq_IzejvPeLq3epG5iTCyTxG7ng==

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 302 KB
92 KB 79ms
39ms Script
application/javascript 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.nexi.swiss
URL: https://www.nexi.swiss/de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27798a9f2d3863843469a5fa22c490c8871ad717a279a723d766a2fb0c24335e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:12:15 GMT
content-encoding: br
cf-cache-status: HIT
x-guploader-uploadid: ABPtcPpfdmJDlRz7ULFulgKQkwIlaRjT020NOFIQco_Klzf2TRDwh0ffMj0aiuxcsbS0sv4c4YQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Sun, 07 Apr 2024 11:28:54 GMT
server: cloudflare
etag: W/"7afe6223ae565a114eb25528dc023135"
vary: Accept-Encoding
x-goog-hash: crc32c=PsGSJQ==, md5=ev5iI65WWhFOslUo3AIxNQ==
x-goog-generation: 1712489334423378
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 308748
cf-ray: 871b6f2e0ffa4294-EWR
expires: Wed, 09 Apr 2025 15:12:15 GMT

GET
H/1.1 200
OK KarbonAppMedium.woff2
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ 39 KB
40 KB 243ms
124ms Font
font/woff2 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonAppMedium.woff2

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin: https://www.nexi.swiss
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:15 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Wed, 03 Apr 2024 13:52:50 GMT
ETag: "9a74-6153189d791f1"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=8380800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Content-Length: 39540
Keep-Alive: timeout=5, max=85

GET
H/1.1 200
OK nexinew.ttf
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/ 21 KB
22 KB 304ms
118ms Font
application/font-sfnt 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/nexinew.ttf

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

525ffea0234afc7e31ca14912e889ef7d13a4c2b741db7e737a1244bbd9c0b73

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin: https://www.nexi.swiss
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:15 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Wed, 03 Apr 2024 13:52:55 GMT
ETag: "5360-615318a244239"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/font-sfnt
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=8380800, public
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Keep-Alive: timeout=5, max=75

GET
H/1.1 200
OK KarbonApp.woff2
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ 40 KB
41 KB 335ms
119ms Font
font/woff2 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonApp.woff2

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin: https://www.nexi.swiss
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:15 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Wed, 03 Apr 2024 13:52:56 GMT
ETag: "9e2c-615318a3956b3"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=8380800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Content-Length: 40492
Keep-Alive: timeout=5, max=99

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 499 KB
199 KB 209ms
6ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
Origin: https://www.nexi.swiss
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 07:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203369
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Apr 2025 07:29:48 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/nexi.swiss/ 164 B
701 B 102ms
59ms Fetch
application/json 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/nexi.swiss/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3de6d0bb1cc35c3c0d2773b226a0c4fa11123f57ff08612b62b45e57793a2f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:12:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPpJCUQh1NQ2AsaZ1IOxfz6V3D8lxHX-p9euheVRNatIHKLr6ABdlaN2sePz4JV3H1jOgQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Mon, 18 Sep 2023 09:58:33 GMT
server: cloudflare
etag: W/"9656e420ca850c2ca696289d9d7da45f"
vary: Accept-Encoding
x-goog-generation: 1695031113781002
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=4yfFKg==, md5=llbkIMqFDCymliidnX2kXw==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 164
cf-ray: 871b6f2fcf030f65-EWR
expires: Wed, 09 Apr 2025 15:12:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
100 KB 65ms
64ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8SHS235GSV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT44S8P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3376b8ced68bbf27ad22a8ae6af8eca7059cd016571e5e7447188b3b017687b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:12:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Apr 2024 15:12:15 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame A867 0
0 53ms
40ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly93d3cubmV4aS5zd2lzczo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=65fyucxxdf07

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gli3hTNuXpG6k-ZlCyjTGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nexi.swiss/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Gli3hTNuXpG6k-ZlCyjTGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 15:12:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 de-app.json Show response
acsbapp.com/apps/app/dist/js/locale/ 4 KB
2 KB 47ms
46ms Fetch
application/json 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/locale/de-app.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b06d837458d194658b3a4744b4b0a7a012a0b26d3473a99b7aab66d56e321944

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:12:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
age: 0
x-guploader-uploadid: ABPtcPrIaXm21aIp7QLAUpazN_LtEsV-wno3YlfRTB_O5Z5MiCQGOwFSuwkN3NDXDiv52ZXlfe0
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Sun, 07 Apr 2024 11:29:38 GMT
server: cloudflare
etag: W/"4b20464e59c71221b5a003350aa73d2c"
x-goog-hash: crc32c=1wpTwA==, md5=SyBGTlnHEiG1oAM1Cqc9LA==
x-goog-generation: 1712489378457622
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 3682
cf-ray: 871b6f305fbf0f65-EWR
expires: Wed, 09 Apr 2025 15:12:15 GMT

GET
H2 200 sdk.4ee70385a827876ed22e1c022a02fc63ec620f9e.js Show response
sdk.privacy-center.org/sdk/4ee70385a827876ed22e1c022a02fc63ec620f9e/modern/ 342 KB
88 KB 7ms
6ms Script
application/javascript 2600:9000:2510:8600:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/4ee70385a827876ed22e1c022a02fc63ec620f9e/modern/sdk.4ee70385a827876ed22e1c022a02fc63ec620f9e.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=www.nexi.swiss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24a87858c735bc97c97325274dcfac3022ce2f544f27c35e09fa6f31de31e1ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 13:33:35 GMT
content-encoding: br
via: 1.1 241db89625f6ef70a00b0e19e0cfc332.cloudfront.net (CloudFront)
last-modified: Mon, 08 Apr 2024 13:33:09 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 92321
etag: W/"d2cd0acd274f7bfeb66560a3e30d6e1c-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rQonmiZfawAdv2FGcZsDF8yELqy653KIt46SwZbS0CJhuHclW5UL4w==

GET
H3 200 ui-gdpr-en-web.4ee70385a827876ed22e1c022a02fc63ec620f9e.js Show response
sdk.privacy-center.org/sdk/4ee70385a827876ed22e1c022a02fc63ec620f9e/modern/ 264 KB
55 KB 6ms
4ms Script
application/javascript 2600:9000:2510:8600:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/4ee70385a827876ed22e1c022a02fc63ec620f9e/modern/ui-gdpr-en-web.4ee70385a827876ed22e1c022a02fc63ec620f9e.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/4ee70385a827876ed22e1c022a02fc63ec620f9e/modern/sdk.4ee70385a827876ed22e1c022a02fc63ec620f9e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2510:8600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31b55f9ceb6046068f3ef37edcefb33ff8525cb641043d2e25543e7cd7bb6f0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 13:33:48 GMT
content-encoding: br
via: 1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
last-modified: Mon, 08 Apr 2024 13:33:11 GMT
server: AmazonS3
age: 92309
x-amz-cf-pop: JFK50-P5
etag: W/"8a8210ec198fd7723d11f7b538f552e4-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fIRTM2qjqW5ADwmog_8s1u_AeVSfK4o8o5SztCycseph9Zt_HVtDBg==

GET
H/1.1 200
OK KarbonAppSemibold.woff2
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/ 39 KB
40 KB 113ms
112ms Font
font/woff2 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonAppSemibold.woff2

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin: https://www.nexi.swiss
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:16 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Wed, 03 Apr 2024 13:52:48 GMT
ETag: "9b3c-6153189bb398c"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=8380800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Content-Length: 39740
Keep-Alive: timeout=5, max=78

POST
H2 204 collect
www.google-analytics.com/g/ 0
254 B 41ms
19ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8SHS235GSV&gtm=45je4430v9165671458z89105342861za200&_p=1712675534580&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&gdid=dMTc4Zm&tt=external&cid=2077536415.1712675537&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_s=1&sid=1712675536&sct=1&seg=0&dl=https%3A%2F%2Fwww.nexi.swiss%2Fde&dt=Bezahll%C3%B6sungen%20f%C3%BCr%20Ihr%20Gesch%C3%A4ft%20%7C%20Nexi%20Schweiz%20-%20Ihr%20Payment%20Partner&en=slider&_fv=1&_nsi=1&_ss=1&ep.container_id=GTM-NT44S8P&ep.container_version=27&ep.connection_speed=4g&epn.is_internal_traffic=0&epn.device_pixel_ratio=1&ep.content_language=DE&ep.action=impression&ep.label=Unser%20Special&ep.click_url=https%3A%2F%2Fwww.nexi.swiss%2Fde%2Fangebote%2Fspecials&epn.position=1&tfd=3782
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SHS235GSV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 09 Apr 2024 15:12:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nexi.swiss
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Verlauf_Nexi.jpg
www.nexi.swiss/content/dam/nexich/img/ 90 KB
91 KB 109ms
109ms Image
image/jpeg 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.swiss/content/dam/nexich/img/Verlauf_Nexi.jpg

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

261da024915b2029c9f8097cf9d6e8c58141720167467908b6d5972ea3da8859

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:16 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Mon, 25 Mar 2024 06:14:33 GMT
ETag: "16954-61476164beef3"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=8380800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Content-Length: 92500
Keep-Alive: timeout=5, max=64

GET
H/1.1 200
OK Border_Nexi.png
www.nexi.swiss/content/dam/nexich/img/ 14 KB
15 KB 116ms
115ms Image
image/png 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nexi.swiss/content/dam/nexich/img/Border_Nexi.png

Requested by

Host: www.nexi.swiss
URL: https://www.nexi.swiss/de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

e2ed3b0a025d512182f96ed82e8ebc9d4d5695b26d63b2b85f27e95e98f7c2be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:16 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Mon, 25 Mar 2024 06:14:33 GMT
ETag: "37c3-61476164b7037"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=8380800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Content-Length: 14275
Keep-Alive: timeout=5, max=75

GET
H/1.1 200
OK favicon.png
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/ 801 B
2 KB 119ms
119ms Other
image/png 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

e5c0e42bb6a3f3a244f8724587feb409c48a467a098e94c708bbb58117d41369

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:20 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Wed, 03 Apr 2024 13:52:52 GMT
ETag: "321-6153189fa6f31"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=8380800, public
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Keep-Alive: timeout=5, max=52

GET
H/1.1 200
OK favicon.ico
www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/ 34 KB
35 KB 124ms
124ms Other
image/vnd.microsoft.icon 185.198.117.126
NEXI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nexi.swiss/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/favicons/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.198.117.126 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

ddcb12028caf567e0f9d6af1adc7e51df78b7c800f99eab2608c11ca47f9b77e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.nexi.swiss/de
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 15:12:20 GMT
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Wed, 03 Apr 2024 13:52:58 GMT
ETag: "86be-615318a510b1b"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/vnd.microsoft.icon
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=8380800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, x-ma-bid, x-ma-sid
Content-Length: 34494
Keep-Alive: timeout=5, max=83

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking)

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.nexi.swiss/	1969-12-31 23:59:59	Name: TS0168694d Value: 01d37309fc456f0bff0872edf2f3ca3b1e1af7668bb0523cff0e22963b0f3b655bba59728bff721ffe18b5b0d386b477727b40d575
			.nexi.swiss/	1970-01-21 04:31:37	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMThlYzM2YWItYzg4Yy02ZGY3LWI2ODMtNzgzY2Y4ZGFiMGUzIiwiY3JlYXRlZCI6IjIwMjQtMDQtMDlUMTU6MTI6MTYuMDA4WiIsInVwZGF0ZWQiOiIyMDI0LTA0LTA5VDE1OjEyOjE2LjAxMFoiLCJ2ZXJzaW9uIjpudWxsfQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
ajax.googleapis.com
cdn.acsbapp.com
sdk.privacy-center.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.nexi.swiss
185.198.117.126
2600:9000:2510:8600:5:b7cc:d3c0:93a1
2606:4700:10::6816:1cc
2606:4700:10::ac43:b9b
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80e::200a
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2003
2607:f8b0:4006:822::2008
160fee54e9090c2b8d222e194c95403acd375cd09ff16436675f9686f3008283
16d1130503387aa924cf223ff72a029d402ead92f5c6366798aa57582bc97e7f
24a87858c735bc97c97325274dcfac3022ce2f544f27c35e09fa6f31de31e1ee
261da024915b2029c9f8097cf9d6e8c58141720167467908b6d5972ea3da8859
27798a9f2d3863843469a5fa22c490c8871ad717a279a723d766a2fb0c24335e
2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337
2e3de6d0bb1cc35c3c0d2773b226a0c4fa11123f57ff08612b62b45e57793a2f
31b55f9ceb6046068f3ef37edcefb33ff8525cb641043d2e25543e7cd7bb6f0b
3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b
4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08
525ffea0234afc7e31ca14912e889ef7d13a4c2b741db7e737a1244bbd9c0b73
53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323
56ac942979d04a52ea5050844008158594c1538eaaf42b227fac43efb9069242
74e51981ea1042ac1d4bd01ae861afa95ad88282678735b7c78a7341abf5bd8c
83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda
87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9
8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137
b06d837458d194658b3a4744b4b0a7a012a0b26d3473a99b7aab66d56e321944
b69f81a22e01c8d3ff33d004cdb7e5e0ed711a1d7dd66e998f5d2d3382d0d750
c3376b8ced68bbf27ad22a8ae6af8eca7059cd016571e5e7447188b3b017687b
cb21219cb43b49ba2a9186786d42843956614f6d1374bac21ce276f336da5c6d
cbc0db4c7cf95a8e6110801f0a85010d839580fcc71bbae20186e737c382d0e4
ddcb12028caf567e0f9d6af1adc7e51df78b7c800f99eab2608c11ca47f9b77e
e0ed21627124aa5aeb1dca86e27753296b1c43447a6f6a8dd18cce90f73b27e5
e2ed3b0a025d512182f96ed82e8ebc9d4d5695b26d63b2b85f27e95e98f7c2be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bb86e63c59a78794a756ae2bf0239dfc1dc8cd1a768690390e6791b7179925
e5c0e42bb6a3f3a244f8724587feb409c48a467a098e94c708bbb58117d41369
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.nexi.swiss Open in urlscan Pro 185.198.117.126 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

89 %IPv6

8 Domains

9 Subdomains

10 IPs

2 Countries

5626 kBTransfer

7351 kBSize

2 Cookies

9 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nexi.swiss Open in urlscan Pro
185.198.117.126 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

5626 kB
Transfer

7351 kB
Size

2
Cookies

30 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!