URL: https://iiopay.com/
Submission: On November 28 via manual from BR — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 34.66.145.20, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is iiopay.com.
TLS certificate: Issued by R3 on November 26th 2023. Valid for: 3 months.
This is the only time iiopay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.66.145.20 396982 (GOOGLE-CL...)
8 2a00:1450:400... 15169 (GOOGLE)
3 3.220.53.239 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
25 6
Apex Domain
Subdomains
Transfer
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
881 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
37 KB
3 picpay.com
auth2.picpay.com Failed
3 KB
1 iiopay.com
iiopay.com
28 KB
25 4
Domain Requested by
8 www.gstatic.com iiopay.com
www.google.com
www.gstatic.com
4 www.google.com iiopay.com
www.gstatic.com
www.google.com
3 fonts.gstatic.com www.google.com
3 auth2.picpay.com iiopay.com
1 iiopay.com
25 5

This site contains no links.

Subject Issuer Validity Valid
iiopay.com
R3
2023-11-26 -
2024-02-24
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.picpay.com
Amazon RSA 2048 M02
2023-05-12 -
2024-06-09
a year crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 3 frames:

Primary Page: https://iiopay.com/
Frame ID: 6F1829441AEAD2C7EC0B29DA142AB870
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9hdXRoMi5waWNwYXkuY29tOjQ0Mw..&hl=pt-BR&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=quxhcvcb6cki
Frame ID: 5926F6CAC51DB0169F216358DD243D23
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9paW9wYXkuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=5pt2uim0fmqe
Frame ID: E4AF4A20C0B2BE388E41C0170F2F48E9
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

PicPay - Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

25
Requests

76 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

949 kB
Transfer

2270 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
iiopay.com/
168 KB
28 KB
Document
General
Full URL
https://iiopay.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.66.145.20 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.145.66.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
cd138e8b70f0bad84c60deb7f94b8d7e9aae72302cbed35bf2ade78fc967643b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 28 Nov 2023 14:55:07 GMT
ETag
W/"65519c0a-29e20"
Last-Modified
Mon, 13 Nov 2023 03:46:18 GMT
Server
nginx/1.18.0
Transfer-Encoding
chunked
recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/
468 KB
189 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__pt_br.js
Requested by
Host: iiopay.com
URL: https://iiopay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c667f33f78ccc9840960a3ef56c7c8d58670737ce399d9a11b489c7ff3cf1a74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iiopay.com/
Origin
https://iiopay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192462
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 10:51:52 GMT
files.js
auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/utils/files/
0
0

global.css
auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/assets/styles/
432 B
777 B
Stylesheet
General
Full URL
https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/assets/styles/global.css?v=1.0.7
Requested by
Host: iiopay.com
URL: https://iiopay.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.53.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-53-239.compute-1.amazonaws.com
Software
/
Resource Hash
bbc5c31df2f78c565a4ed7e15ee3effe45de6c8bc135b06c8d88700dc0264034
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iiopay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:55:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
via
kong/2.8.3
x-kong-proxy-latency
1
content-type
text/css;charset=UTF-8
x-kong-upstream-latency
2
cache-control
max-age=2592000
content-length
246
x-xss-protection
1; mode=block
my-theme.css
auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/assets/styles/
176 B
681 B
Stylesheet
General
Full URL
https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/assets/styles/my-theme.css?v=1.0.7
Requested by
Host: iiopay.com
URL: https://iiopay.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.53.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-53-239.compute-1.amazonaws.com
Software
/
Resource Hash
298f06310c5f035553e53bac0cc39f5b9dc9c22086fd72c3aaeccd92d266bbea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iiopay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:55:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
via
kong/2.8.3
x-kong-proxy-latency
0
content-type
text/css;charset=UTF-8
x-kong-upstream-latency
2
cache-control
max-age=2592000
content-length
151
x-xss-protection
1; mode=block
logo.png
auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/assets/images/
1 KB
2 KB
Image
General
Full URL
https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/assets/images/logo.png
Requested by
Host: iiopay.com
URL: https://iiopay.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.53.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-53-239.compute-1.amazonaws.com
Software
/
Resource Hash
59ef746ee78f878ef6853aa4559bf84bd5861c60a4b32de7285e1d5d44eda106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iiopay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:55:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
via
kong/2.8.3
x-kong-proxy-latency
1
content-type
image/png
x-kong-upstream-latency
4
cache-control
max-age=2592000
content-length
1301
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX
Requested by
Host: iiopay.com
URL: https://iiopay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
225defa3554cd94ed8b65fc567324059dbde2e42260a04a6d4b5c35551453dcd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iiopay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 28 Nov 2023 14:55:07 GMT
dependencies.js
auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/builds/default-theme/
0
0

template.js
auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/pages/template/
0
0

login.js
auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/pages/login/
0
0

interface.svg
auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/builds/design-system/www/assets/design-system/icons/
0
0

recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/
468 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iiopay.com/
Origin
https://iiopay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 13:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 13:42:24 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5926
60 KB
34 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9hdXRoMi5waWNwYXkuY29tOjQ0Mw..&hl=pt-BR&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=quxhcvcb6cki
Requested by
Host: iiopay.com
URL: https://iiopay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2e645c283a48426176bc50829b808c9aa68c0e1f02466502cd6b187efa4fc833
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5LQa_W66FY0q0TcyHisVeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iiopay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-5LQa_W66FY0q0TcyHisVeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 14:55:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
recaptcha.js
auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/utils/recaptcha/
0
0

styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 5926
55 KB
55 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9hdXRoMi5waWNwYXkuY29tOjQ0Mw..&hl=pt-BR&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=quxhcvcb6cki
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:30:12 GMT
x-content-type-options
nosniff
age
386695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56398
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 03:30:12 GMT
recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 5926
468 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__pt_br.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9hdXRoMi5waWNwYXkuY29tOjQ0Mw..&hl=pt-BR&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=quxhcvcb6cki
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c667f33f78ccc9840960a3ef56c7c8d58670737ce399d9a11b489c7ff3cf1a74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192462
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 10:51:52 GMT
anchor
www.google.com/recaptcha/api2/ Frame E4AF
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9paW9wYXkuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=5pt2uim0fmqe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e46ce93be0f2bb4cabe4dab9ccfbdeb9c7d9ed4f3162cb812caa033adcdbd13
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kfuGOSCKun3XRYuEB4Ug-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iiopay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kfuGOSCKun3XRYuEB4Ug-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 14:55:08 GMT
expires
Tue, 28 Nov 2023 14:55:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame E4AF
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9paW9wYXkuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=5pt2uim0fmqe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 08:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 08:31:38 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame E4AF
468 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9paW9wYXkuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=5pt2uim0fmqe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 13:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 13:42:24 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5926
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 20:04:28 GMT
x-content-type-options
nosniff
age
67840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 04 Dec 2023 20:04:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5926
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9hdXRoMi5waWNwYXkuY29tOjQ0Mw..&hl=pt-BR&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=quxhcvcb6cki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 02:58:03 GMT
x-content-type-options
nosniff
age
302225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5926
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9hdXRoMi5waWNwYXkuY29tOjQ0Mw..&hl=pt-BR&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=quxhcvcb6cki
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:52:48 GMT
x-content-type-options
nosniff
age
331340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:52:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 5926
105 B
138 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=pt-BR&v=fGZmEzpfeSeqDJiApS_XZ4Y2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9hdXRoMi5waWNwYXkuY29tOjQ0Mw..&hl=pt-BR&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=quxhcvcb6cki
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
daf6f2730e7d4f80835bf0b450f01655f24f51797ff33133422e4e0c6909f3a9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9hdXRoMi5waWNwYXkuY29tOjQ0Mw..&hl=pt-BR&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=quxhcvcb6cki
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 28 Nov 2023 14:55:08 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E4AF
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 20:04:28 GMT
x-content-type-options
nosniff
age
67840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 04 Dec 2023 20:04:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E4AF
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeljH0cAAAAAIurKXTZczmlQ1x3WTELlb8ft9aX&co=aHR0cHM6Ly9paW9wYXkuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=5pt2uim0fmqe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 02:58:03 GMT
x-content-type-options
nosniff
age
302225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 02:58:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
auth2.picpay.com
URL
https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/utils/files/files.js
Domain
auth2.picpay.com
URL
https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/builds/default-theme/dependencies.js?v=1.0.7
Domain
auth2.picpay.com
URL
https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/pages/template/template.js?v=1.0.7
Domain
auth2.picpay.com
URL
https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/pages/login/login.js?v=1.0.7
Domain
auth2.picpay.com
URL
https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/builds/design-system/www/assets/design-system/icons/interface.svg
Domain
auth2.picpay.com
URL
https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/utils/recaptcha/recaptcha.js

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| keycloak object| recaptcha object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| closure_lm_652136

0 Cookies

12 Console Messages

Source Level URL
Text
javascript error URL: https://iiopay.com/(Line 50)
Message:
Access to script at 'https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/pages/login/login.js?v=1.0.7' from origin 'https://iiopay.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/pages/login/login.js?v=1.0.7
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://iiopay.com/(Line 79)
Message:
Unsafe attempt to load URL https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/builds/design-system/www/assets/design-system/icons/interface.svg from frame with URL https://iiopay.com/. Domains, protocols and ports must match.
javascript error URL: https://iiopay.com/(Line 162)
Message:
Access to script at 'https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/pages/template/template.js?v=1.0.7' from origin 'https://iiopay.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/pages/template/template.js?v=1.0.7
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://iiopay.com/(Line 162)
Message:
Access to script at 'https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/utils/files/files.js' from origin 'https://iiopay.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/utils/files/files.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://iiopay.com/
Message:
Access to script at 'https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/builds/default-theme/dependencies.js?v=1.0.7' from origin 'https://iiopay.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/builds/default-theme/dependencies.js?v=1.0.7
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://iiopay.com/
Message:
Access to script at 'https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/utils/recaptcha/recaptcha.js' from origin 'https://iiopay.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth2.picpay.com/auth/resources/wib9r/login/internet-banking-pf/src/utils/recaptcha/recaptcha.js
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__pt_br.js(Line 435)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://auth2.picpay.com') does not match the recipient window's origin ('https://iiopay.com').