bank-link-widget-demo.grailpay.com Open in urlscan Pro
54.204.238.15  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response bank-link-widget-demo.grailpay.com/	10 KB 11 KB	403ms 124ms	Document text/html	54.204.238.15 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bank-link-widget-demo.grailpay.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-204-238-15.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 63c9e3e0bd674ee6a2f73463b03eea5d31209389b84b4faa81f2b6192864e208 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Cache-Control public, max-age=0 Connection keep-alive Content-Length 10268 Content-Type text/html; charset=UTF-8 Date Fri, 09 Aug 2024 15:27:44 GMT Etag W/"281c-1912277df58" Last-Modified Mon, 05 Aug 2024 12:16:07 GMT Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723217264&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LJzf9NNzkigIPjRRvVT93QWY7NC9MgJC%2BAntQXHXrdU%3D"}]} Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1723217264&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LJzf9NNzkigIPjRRvVT93QWY7NC9MgJC%2BAntQXHXrdU%3D Server Cowboy Via 1.1 vegur X-Powered-By Express
GET H2	200	grailpay-qa.min.js Show response cdn.jsdelivr.net/npm/@grailpay/banklink-widget@0.1.7/dist/	234 KB 56 KB	65ms 22ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@grailpay/banklink-widget@0.1.7/dist/grailpay-qa.min.js Requested by Host: bank-link-widget-demo.grailpay.com URL: https://bank-link-widget-demo.grailpay.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash fefeb13de5638063186a323eb74de8ca32c79af4fa92bfa25141b603b12f5fff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bank-link-widget-demo.grailpay.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 09 Aug 2024 15:27:44 GMT x-content-type-options nosniff content-encoding br age 700674 x-jsd-version 0.1.7 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 56917 x-served-by cache-fra-etou8220126-FRA x-jsd-version-type version etag W/"3a693-7GcbAWFFbvaIkhLU4OCwK4+kxr0" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	inter-400.ttf cdn.jsdelivr.net/npm/@grailpay/banklink-widget@0.1.7/dist/fonts/	303 KB 130 KB	47ms 23ms	Font font/ttf	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@grailpay/banklink-widget@0.1.7/dist/fonts/inter-400.ttf Requested by Host: bank-link-widget-demo.grailpay.com URL: https://bank-link-widget-demo.grailpay.com/ Protocol H3 Security QUIC, , AES_256_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bank-link-widget-demo.grailpay.com/ Origin https://bank-link-widget-demo.grailpay.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 09 Aug 2024 15:27:44 GMT x-content-type-options nosniff content-encoding br age 700674 x-jsd-version 0.1.7 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 133173 x-served-by cache-fra-etou8220154-FRA x-jsd-version-type version etag W/"4bbec-z6eA0LULK7fqy4KYTxsYqVqqQMU" vary Accept-Encoding content-type font/ttf access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	inter-500.ttf cdn.jsdelivr.net/npm/@grailpay/banklink-widget@0.1.7/dist/fonts/	308 KB 140 KB	46ms 22ms	Font font/ttf	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@grailpay/banklink-widget@0.1.7/dist/fonts/inter-500.ttf Requested by Host: bank-link-widget-demo.grailpay.com URL: https://bank-link-widget-demo.grailpay.com/ Protocol H3 Security QUIC, , AES_256_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a645f55492d1c8cdace43c72be8cbec08e680b5a86d8b4c2d1c50d6e41e9cc96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bank-link-widget-demo.grailpay.com/ Origin https://bank-link-widget-demo.grailpay.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 09 Aug 2024 15:27:44 GMT x-content-type-options nosniff content-encoding br age 700613 x-jsd-version 0.1.7 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 142658 x-served-by cache-fra-etou8220154-FRA x-jsd-version-type version etag W/"4cefc-529YCBHgMYE+cVATGgckgRzdc3o" vary Accept-Encoding content-type font/ttf access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	inter-700.ttf cdn.jsdelivr.net/npm/@grailpay/banklink-widget@0.1.7/dist/fonts/	309 KB 141 KB	87ms 63ms	Font font/ttf	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@grailpay/banklink-widget@0.1.7/dist/fonts/inter-700.ttf Requested by Host: bank-link-widget-demo.grailpay.com URL: https://bank-link-widget-demo.grailpay.com/ Protocol H3 Security QUIC, , AES_256_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bank-link-widget-demo.grailpay.com/ Origin https://bank-link-widget-demo.grailpay.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 09 Aug 2024 15:27:44 GMT x-content-type-options nosniff content-encoding br age 700673 x-jsd-version 0.1.7 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 143896 x-served-by cache-fra-etou8220154-FRA x-jsd-version-type version etag W/"4d4a8-R/8Hx1dGaCEzuB56wFN85QpMmRY" vary Accept-Encoding content-type font/ttf access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H/1.1	404 Not Found	favicon.ico bank-link-widget-demo.grailpay.com/	150 B 936 B	122ms 122ms	Other text/html	54.204.238.15 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bank-link-widget-demo.grailpay.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-204-238-15.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers Referer https://bank-link-widget-demo.grailpay.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Security-Policy default-src 'none' Date Fri, 09 Aug 2024 15:27:44 GMT X-Content-Type-Options nosniff Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Via 1.1 vegur X-Powered-By Express Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723217264&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LJzf9NNzkigIPjRRvVT93QWY7NC9MgJC%2BAntQXHXrdU%3D"}]} Content-Type text/html; charset=utf-8 Connection keep-alive Content-Length 150 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1723217264&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LJzf9NNzkigIPjRRvVT93QWY7NC9MgJC%2BAntQXHXrdU%3D

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| loadScript string| role object| userInput object| vendorInput object| tokenInput object| timeoutInput object| initWidgetButton object| openWidgetButton object| roleSelect object| brandingInput object| subtitleInput object| searchPlaceholderInput function| a0_0xcc26 function| a0_0x5653 object| grailpay

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bank-link-widget-demo.grailpay.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank-link-widget-demo.grailpay.com
cdn.jsdelivr.net
2a04:4e42:400::485
54.204.238.15
3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384
412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32
63c9e3e0bd674ee6a2f73463b03eea5d31209389b84b4faa81f2b6192864e208
6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c
a645f55492d1c8cdace43c72be8cbec08e680b5a86d8b4c2d1c50d6e41e9cc96
fefeb13de5638063186a323eb74de8ca32c79af4fa92bfa25141b603b12f5fff