bank-connection.hml.openbanking.picpay.com Open in urlscan Pro
2606:4700:4400::6812:2a56  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bank-connection.hml.openbanking.picpay.com/	33 KB 7 KB	537ms 423ms	Document text/html	2606:4700:4400::6812:2a56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bank-connection.hml.openbanking.picpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 3120f625072f639ae54ccf88d091bb8fc90ca45a595202abec4cb47db26318ee Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cf-cache-status DYNAMIC cf-ray 87ced20ada6f190b-FRA content-encoding gzip content-type text/html; charset=utf-8 date Wed, 01 May 2024 09:42:15 GMT server cloudflare vary Accept-Encoding x-envoy-upstream-service-time 3 x-powered-by Next.js
GET H2	200	57c10d71302077c6_complete.js Show response js-cdn.dynatrace.com/jstag/17b628055ae/bf23690qhp/	213 KB 81 KB	140ms 49ms	Script application/javascript	52.222.236.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js-cdn.dynatrace.com/jstag/17b628055ae/bf23690qhp/57c10d71302077c6_complete.js Requested by Host: bank-connection.hml.openbanking.picpay.com URL: https://bank-connection.hml.openbanking.picpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-7.fra56.r.cloudfront.net Software / Resource Hash 595e254bdd208e144acdb3589c17963e56454f55dfad2c2a8cd91a9dd8a4945d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:00:25 GMT content-encoding gzip via 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 2511 x-cache Hit from cloudfront x-oneagent-js-injection true traffic-source UNKNOWN dynatrace-response-id 3Y38VIVTVKFB dynatrace-response-source Cluster vary Accept-Encoding content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 timing-allow-origin * x-amz-cf-id RrnUZSLrPaw-c9ZxIpMuGQCYF1XxQVnssEJ2lRFQmWcR9DYGByWmng== expires Wed, 01 May 2024 10:00:25 GMT
GET H2	200	webpack-5f38ebd2ec83dd13.js Show response bank-connection.hml.openbanking.picpay.com/_next/static/chunks/	4 KB 2 KB	464ms 464ms	Script application/javascript	2606:4700:4400::6812:2a56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bank-connection.hml.openbanking.picpay.com/_next/static/chunks/webpack-5f38ebd2ec83dd13.js Requested by Host: bank-connection.hml.openbanking.picpay.com URL: https://bank-connection.hml.openbanking.picpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29d2f68be61f0255adb16f93754650ca088d8d479815329f6af0ab127d594314 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:42:16 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 29 Apr 2024 13:14:26 GMT server cloudflare etag W/"fcd-18f29fe0b50" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-envoy-upstream-service-time 49 accept-ranges bytes cf-ray 87ced20d8e67190b-FRA content-length 1878 expires Thu, 01 May 2025 09:42:16 GMT
GET H2	200	framework-ef24aea04218e372.js Show response bank-connection.hml.openbanking.picpay.com/_next/static/chunks/	138 KB 44 KB	618ms 617ms	Script application/javascript	2606:4700:4400::6812:2a56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bank-connection.hml.openbanking.picpay.com/_next/static/chunks/framework-ef24aea04218e372.js Requested by Host: bank-connection.hml.openbanking.picpay.com URL: https://bank-connection.hml.openbanking.picpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ae63fa2ac26370c815129d7b4248d13640d7b6961b01be25887d1ee494f25bd Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:42:16 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 29 Apr 2024 13:14:26 GMT server cloudflare etag W/"22696-18f29fe0b50" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-envoy-upstream-service-time 46 cf-ray 87ced20d9e82190b-FRA expires Thu, 01 May 2025 09:42:16 GMT
GET H2	200	main-7920f8bb24279ffe.js Show response bank-connection.hml.openbanking.picpay.com/_next/static/chunks/	104 KB 31 KB	539ms 537ms	Script application/javascript	2606:4700:4400::6812:2a56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bank-connection.hml.openbanking.picpay.com/_next/static/chunks/main-7920f8bb24279ffe.js Requested by Host: bank-connection.hml.openbanking.picpay.com URL: https://bank-connection.hml.openbanking.picpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7195b39d674ca205ad1a2e60de87b354f3407fbd11451a9a24d106752fc05e77 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:42:16 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 29 Apr 2024 13:14:26 GMT server cloudflare etag W/"19fad-18f29fe0b50" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-envoy-upstream-service-time 28 cf-ray 87ced20d9e8e190b-FRA expires Thu, 01 May 2025 09:42:16 GMT
GET H2	200	_app-1e85aa1551c295f7.js Show response bank-connection.hml.openbanking.picpay.com/_next/static/chunks/pages/	2 MB 607 KB	556ms 555ms	Script application/javascript	2606:4700:4400::6812:2a56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bank-connection.hml.openbanking.picpay.com/_next/static/chunks/pages/_app-1e85aa1551c295f7.js Requested by Host: bank-connection.hml.openbanking.picpay.com URL: https://bank-connection.hml.openbanking.picpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49a52ff5e6117943fa2dd2bef60acf17055d759a37fbdf4fd1db9b60ccff9ef4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:42:16 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 29 Apr 2024 13:14:26 GMT server cloudflare etag W/"1ac059-18f29fe0b50" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-envoy-upstream-service-time 5 cf-ray 87ced20d9e91190b-FRA expires Thu, 01 May 2025 09:42:16 GMT
GET H2	200	965-bcd6eef791472a89.js Show response bank-connection.hml.openbanking.picpay.com/_next/static/chunks/	17 KB 5 KB	449ms 448ms	Script application/javascript	2606:4700:4400::6812:2a56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bank-connection.hml.openbanking.picpay.com/_next/static/chunks/965-bcd6eef791472a89.js Requested by Host: bank-connection.hml.openbanking.picpay.com URL: https://bank-connection.hml.openbanking.picpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1fe48bcc1b857262e2061832510577426d6b9b8450014ce2141e0a95aad3e1c4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:42:16 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 29 Apr 2024 13:14:26 GMT server cloudflare etag W/"427b-18f29fe0b50" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-envoy-upstream-service-time 37 cf-ray 87ced20d9e94190b-FRA expires Thu, 01 May 2025 09:42:16 GMT
GET H2	200	index-80b237945a22eeb6.js Show response bank-connection.hml.openbanking.picpay.com/_next/static/chunks/pages/	424 B 447 B	446ms 445ms	Script application/javascript	2606:4700:4400::6812:2a56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bank-connection.hml.openbanking.picpay.com/_next/static/chunks/pages/index-80b237945a22eeb6.js Requested by Host: bank-connection.hml.openbanking.picpay.com URL: https://bank-connection.hml.openbanking.picpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 972dc9d78d0f9f9218f0e0355f5edf04423a3637dad9013eacff4fd52cbd7dec Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:42:16 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 29 Apr 2024 13:14:26 GMT server cloudflare etag W/"1a8-18f29fe0b50" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-envoy-upstream-service-time 31 cf-ray 87ced20d9e97190b-FRA expires Thu, 01 May 2025 09:42:16 GMT
GET H2	200	_buildManifest.js Show response bank-connection.hml.openbanking.picpay.com/_next/static/1LkrlgOMQO1vae_uc5la1/	1 KB 579 B	451ms 450ms	Script application/javascript	2606:4700:4400::6812:2a56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bank-connection.hml.openbanking.picpay.com/_next/static/1LkrlgOMQO1vae_uc5la1/_buildManifest.js Requested by Host: bank-connection.hml.openbanking.picpay.com URL: https://bank-connection.hml.openbanking.picpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 810651e96e21d7299c12c27b2d9725cf95515eff01084ee697189b441c186846 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:42:16 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 29 Apr 2024 13:14:26 GMT server cloudflare etag W/"4af-18f29fe0b50" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-envoy-upstream-service-time 17 cf-ray 87ced20d9e98190b-FRA expires Thu, 01 May 2025 09:42:16 GMT
GET H2	200	_ssgManifest.js Show response bank-connection.hml.openbanking.picpay.com/_next/static/1LkrlgOMQO1vae_uc5la1/	77 B 137 B	452ms 451ms	Script application/javascript	2606:4700:4400::6812:2a56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bank-connection.hml.openbanking.picpay.com/_next/static/1LkrlgOMQO1vae_uc5la1/_ssgManifest.js Requested by Host: bank-connection.hml.openbanking.picpay.com URL: https://bank-connection.hml.openbanking.picpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:42:16 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 29 Apr 2024 13:14:26 GMT server cloudflare etag W/"4d-18f29fe0b50" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-envoy-upstream-service-time 28 cf-ray 87ced20d9e99190b-FRA expires Thu, 01 May 2025 09:42:16 GMT
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 fonts.gstatic.com/s/inter/v13/	45 KB 46 KB	128ms 39ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 Requested by Host: bank-connection.hml.openbanking.picpay.com URL: https://bank-connection.hml.openbanking.picpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bank-connection.hml.openbanking.picpay.com/ Origin https://bank-connection.hml.openbanking.picpay.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 18:20:53 GMT x-content-type-options nosniff age 141683 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46552 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:46:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 29 Apr 2025 18:20:53 GMT
POST H2	200	bf Show response bf23690qhp.bf.dynatrace.com/	602 B 886 B	363ms 117ms	Fetch text/plain	3.223.81.29 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bf23690qhp.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D28_sn_4N8FEATMAD267ODNFQ3SI7GHEAVFEAVV&svrid=-28&flavor=cors&vi=FRSACJQJNCIFUPWMPOOKVEMHDBQKCRMF-0&contentType=event&modifiedSince=1710891181314&rf=https%3A%2F%2Fbank-connection.hml.openbanking.picpay.com%2F&bp=3&app=57c10d71302077c6&v=10287240325103108&crc=170339565&en=525hnxdq&end=1 Requested by Host: js-cdn.dynatrace.com URL: https://js-cdn.dynatrace.com/jstag/17b628055ae/bf23690qhp/57c10d71302077c6_complete.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.223.81.29 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-223-81-29.compute-1.amazonaws.com Software / Resource Hash 3e135c3ca0c6fa30a9c5ab286996f9560b24a40f972b21d2afc5644d3f1a990e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://bank-connection.hml.openbanking.picpay.com x-oneagent-js-injection true date Wed, 01 May 2024 09:42:17 GMT cache-control no-cache content-length 602 content-type text/plain;charset=utf-8
GET H2	200	favicon.ico bank-connection.hml.openbanking.picpay.com/	33 KB 7 KB	420ms 420ms	Other text/html	2606:4700:4400::6812:2a56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bank-connection.hml.openbanking.picpay.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 20d5e7de3a76fb996ea57d06d3a6a08a5e3c2309d76b44c6f0d089143ee7e01c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:42:17 GMT content-encoding gzip cf-cache-status MISS server cloudflare x-powered-by Next.js vary Accept-Encoding content-type text/html; charset=utf-8 cache-control public, max-age=14400 x-envoy-upstream-service-time 7 cf-ray 87ced213df5f190b-FRA expires Wed, 01 May 2024 13:42:17 GMT
OPTIONS H2	200	providers gateway.service.ppay.me/openbanking/v4/	0 0	394ms 142ms	Preflight	18.235.34.206 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://gateway.service.ppay.me/openbanking/v4/providers?sortedBy=HIGHLIGHT_OVER_ALPHABETICAL Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.235.34.206 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-235-34-206.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers app_version,campaign,channel,content-type,device_os,flowid,sessionid,token,x-origin Access-Control-Request-Method GET Origin https://bank-connection.hml.openbanking.picpay.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers app_version,campaign,channel,content-type,device_os,flowid,sessionid,token,x-origin access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin https://bank-connection.hml.openbanking.picpay.com access-control-max-age 3600 content-length 0 date Wed, 01 May 2024 09:42:17 GMT vary Origin x-request-id 7a90211f-8358-45c5-95af-f2b2f922a17e
GET H2	401	providers Show response gateway.service.ppay.me/openbanking/v4/	52 B 244 B	149ms 149ms	Fetch application/json	18.235.34.206 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://gateway.service.ppay.me/openbanking/v4/providers?sortedBy=HIGHLIGHT_OVER_ALPHABETICAL Requested by Host: js-cdn.dynatrace.com URL: https://js-cdn.dynatrace.com/jstag/17b628055ae/bf23690qhp/57c10d71302077c6_complete.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.235.34.206 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-235-34-206.compute-1.amazonaws.com Software / Resource Hash cb98dd8cef37a07799de786aa09d0da40aad9fb8ca0c175fdba99b440e505b74 Request headers device_os sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" x-origin Accept-Language de-DE,de;q=0.9;q=0.9 channel sec-ch-ua-platform "Win32" flowid cc489ace-4923-4dfb-9f4e-2c9c5c69feba sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json; charset=utf-8 accept application/json sessionid fe24c26a-6b33-4ab1-a68c-74470e64afa8 Referer https://bank-connection.hml.openbanking.picpay.com/ campaign token app_version Response headers access-control-allow-origin https://bank-connection.hml.openbanking.picpay.com date Wed, 01 May 2024 09:42:17 GMT content-length 52 vary Origin x-request-id 1c2d8637-02a3-40d3-8a2c-26983c3f9b2b content-type application/json; charset=utf-8
POST H2	200	page api-event-tracking.picpay.com/event-collector/	0 0	129ms 129ms	Fetch application/json	34.237.207.61 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-event-tracking.picpay.com/event-collector/page Requested by Host: js-cdn.dynatrace.com URL: https://js-cdn.dynatrace.com/jstag/17b628055ae/bf23690qhp/57c10d71302077c6_complete.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.237.207.61 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-237-207-61.compute-1.amazonaws.com Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 x-event-key cRlu7fuR853f2y8Ngfnn14EYgqIbbx12 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Referer https://bank-connection.hml.openbanking.picpay.com/ sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:42:17 GMT ratelimit-reset 43 content-type application/json; charset=utf-8 x-ratelimit-limit-minute 250 access-control-allow-origin * x-ratelimit-limit-hour 700 x-ratelimit-remaining-minute 249 x-ratelimit-remaining-hour 699 ratelimit-limit 250 ratelimit-remaining 249 content-length 0 x-request-id 7e34cdad-431c-4c05-ba4d-2b994a6f3339#88488103
OPTIONS H2	200	page api-event-tracking.picpay.com/event-collector/	0 0	367ms 120ms	Preflight	34.237.207.61 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-event-tracking.picpay.com/event-collector/page Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.237.207.61 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-237-207-61.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-event-key Access-Control-Request-Method POST Origin https://bank-connection.hml.openbanking.picpay.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-event-key access-control-allow-methods POST access-control-allow-origin * content-length 0 date Wed, 01 May 2024 09:42:17 GMT x-request-id 021dfe9b-fa68-43ca-b9ca-10f0929a26df#88443998
POST H2	200	bf Show response bf23690qhp.bf.dynatrace.com/	204 B 488 B	118ms 118ms	Fetch text/plain	3.223.81.29 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bf23690qhp.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_4_sn_4N8FEATMAD267ODNFQ3SI7GHEAVFEAVV_app-3A57c10d71302077c6_1_ol_0_perc_100000_mul_1&svrid=4&flavor=cors&vi=FRSACJQJNCIFUPWMPOOKVEMHDBQKCRMF-0&contentType=event&modifiedSince=1712759173560&rf=https%3A%2F%2Fbank-connection.hml.openbanking.picpay.com%2F&bp=3&app=57c10d71302077c6&v=10287240325103108&crc=1959937232&en=525hnxdq&end=1 Requested by Host: js-cdn.dynatrace.com URL: https://js-cdn.dynatrace.com/jstag/17b628055ae/bf23690qhp/57c10d71302077c6_complete.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.223.81.29 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-223-81-29.compute-1.amazonaws.com Software / Resource Hash 1c509d9af5e46ba14d083a077637f4c5d49e49a14632f58f9818b4850f760731 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://bank-connection.hml.openbanking.picpay.com x-oneagent-js-injection true date Wed, 01 May 2024 09:42:17 GMT cache-control no-cache content-length 204 content-type text/plain;charset=utf-8
POST H2	200	page api-event-tracking.picpay.com/event-collector/	0 0	126ms 126ms	Fetch application/json	34.237.207.61 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-event-tracking.picpay.com/event-collector/page Requested by Host: js-cdn.dynatrace.com URL: https://js-cdn.dynatrace.com/jstag/17b628055ae/bf23690qhp/57c10d71302077c6_complete.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.237.207.61 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-237-207-61.compute-1.amazonaws.com Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 x-event-key cRlu7fuR853f2y8Ngfnn14EYgqIbbx12 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Referer https://bank-connection.hml.openbanking.picpay.com/ sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 09:42:18 GMT ratelimit-reset 42 content-type application/json; charset=utf-8 x-ratelimit-limit-minute 250 access-control-allow-origin * x-ratelimit-limit-hour 700 x-ratelimit-remaining-minute 249 x-ratelimit-remaining-hour 699 ratelimit-limit 250 ratelimit-remaining 249 content-length 0 x-request-id 0b63edbc-1485-4f59-add6-ffd924a84862#88443487
POST H2	200	bf Show response bf23690qhp.bf.dynatrace.com/	204 B 487 B	118ms 118ms	Fetch text/plain	3.223.81.29 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bf23690qhp.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_4_sn_4N8FEATMAD267ODNFQ3SI7GHEAVFEAVV_app-3A57c10d71302077c6_1_ol_0_perc_100000_mul_1&svrid=4&flavor=cors&vi=FRSACJQJNCIFUPWMPOOKVEMHDBQKCRMF-0&modifiedSince=1712759173560&rf=https%3A%2F%2Fbank-connection.hml.openbanking.picpay.com%2F&bp=3&app=57c10d71302077c6&crc=980641911&en=525hnxdq&end=1 Requested by Host: js-cdn.dynatrace.com URL: https://js-cdn.dynatrace.com/jstag/17b628055ae/bf23690qhp/57c10d71302077c6_complete.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.223.81.29 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-223-81-29.compute-1.amazonaws.com Software / Resource Hash 1c509d9af5e46ba14d083a077637f4c5d49e49a14632f58f9818b4850f760731 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://bank-connection.hml.openbanking.picpay.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://bank-connection.hml.openbanking.picpay.com x-oneagent-js-injection true date Wed, 01 May 2024 09:42:19 GMT cache-control no-cache content-length 204 content-type text/plain;charset=utf-8

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| bridgeWebviewEvent function| InitBridge object| BridgeWebview function| setToken function| setConsumerId function| setInstallationId function| setSessionId function| setAppVersion function| setDeviceOS object| dT_ object| dtrum object| dynatrace object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY number| 2f1acc6c3a606b082e5eef5e54414ffb function| IMask object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| logs object| memoryStorage

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.openbanking.picpay.com/	1970-01-20 20:15:58	Name: __cf_bm Value: wdRoOSA3OO2E0MPjED7tCDFm7FIGWyWFHGgRVIFCxlo-1714556535-1.0.1.1-pGz1HGN4IelMHvpwCcBCaM_czGsdpehe2wJPfshIpuR7BA7kSTwnpTx0N6LSQr9Pqwf_fwY8XCBQtSuA2NTXmw
			.picpay.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 17145565360967OATEJTOAQ657K4C0BUO4VUBT38VI1PB
			.picpay.com/	1969-12-31 23:59:59	Name: dtSa Value: -
			.picpay.com/	1969-12-31 23:59:59	Name: rxvt Value: 1714558336875|1714556536097
			.picpay.com/	1969-12-31 23:59:59	Name: dtPC Value: -28$356536094_764h-vFRSACJQJNCIFUPWMPOOKVEMHDBQKCRMF-0e0
			.picpay.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_4_sn_4N8FEATMAD267ODNFQ3SI7GHEAVFEAVV_app-3A57c10d71302077c6_1_ol_0_perc_100000_mul_1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gateway.service.ppay.me/openbanking/v4/providers?sortedBy=HIGHLIGHT_OVER_ALPHABETICAL Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-event-tracking.picpay.com
bank-connection.hml.openbanking.picpay.com
bf23690qhp.bf.dynatrace.com
fonts.gstatic.com
gateway.service.ppay.me
js-cdn.dynatrace.com
18.235.34.206
2606:4700:4400::6812:2a56
2a00:1450:4001:800::2003
3.223.81.29
34.237.207.61
52.222.236.7
1c509d9af5e46ba14d083a077637f4c5d49e49a14632f58f9818b4850f760731
1fe48bcc1b857262e2061832510577426d6b9b8450014ce2141e0a95aad3e1c4
20d5e7de3a76fb996ea57d06d3a6a08a5e3c2309d76b44c6f0d089143ee7e01c
29d2f68be61f0255adb16f93754650ca088d8d479815329f6af0ab127d594314
3120f625072f639ae54ccf88d091bb8fc90ca45a595202abec4cb47db26318ee
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3e135c3ca0c6fa30a9c5ab286996f9560b24a40f972b21d2afc5644d3f1a990e
49a52ff5e6117943fa2dd2bef60acf17055d759a37fbdf4fd1db9b60ccff9ef4
595e254bdd208e144acdb3589c17963e56454f55dfad2c2a8cd91a9dd8a4945d
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7195b39d674ca205ad1a2e60de87b354f3407fbd11451a9a24d106752fc05e77
810651e96e21d7299c12c27b2d9725cf95515eff01084ee697189b441c186846
8ae63fa2ac26370c815129d7b4248d13640d7b6961b01be25887d1ee494f25bd
972dc9d78d0f9f9218f0e0355f5edf04423a3637dad9013eacff4fd52cbd7dec
cb98dd8cef37a07799de786aa09d0da40aad9fb8ca0c175fdba99b440e505b74