br-open-banking-handoff.sumup-bank.info
2a05:d014:275:cb02::c8  Public Scan

URL: https://br-open-banking-handoff.sumup-bank.info/
Submission: On July 23 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 2a05:d014:275:cb02::c8, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is br-open-banking-handoff.sumup-bank.info.
TLS certificate: Issued by E5 on July 23rd 2024. Valid for: 3 months.
This is the only time br-open-banking-handoff.sumup-bank.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a05:d014:275... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:244... 16509 (AMAZON-02)
2 76.76.21.61 16509 (AMAZON-02)
7 4
Apex Domain (Subdomains) Transfer
3 sumup-bank.info 99 KB
  br-open-banking-handoff.sumup-bank.info
2 sumup.com 142 KB
  static.sumup.com — Cisco Umbrella Rank: 422295
1 ctfassets.net 3 KB
  images.ctfassets.net — Cisco Umbrella Rank: 5094
1 google.com 18 KB
  play.google.com — Cisco Umbrella Rank: 73
7 4
Domain Requested by
3 br-open-banking-handoff.sumup-bank.info br-open-banking-handoff.sumup-bank.info
2 static.sumup.com br-open-banking-handoff.sumup-bank.info
1 images.ctfassets.net br-open-banking-handoff.sumup-bank.info
1 play.google.com br-open-banking-handoff.sumup-bank.info
7 4

This site contains links to these domains.

Domain
sumup.com.br
play.google.com
apps.apple.com

Subject Issuer Validity Valid
br-open-banking-handoff.sumup-bank.info E5 2024-07-23 - 2024-10-21 3 months
*.google.com WR2 2024-06-24 - 2024-09-16 3 months
images.ctfassets.net Amazon RSA 2048 M02 2023-12-19 - 2025-01-16 a year
static.sumup.com R10 2024-07-15 - 2024-10-13 3 months

This page contains 1 frame:

Primary Page: https://br-open-banking-handoff.sumup-bank.info/
Frame ID: 7B11D2A0AD61B5204E7FB5B183045824
Requests: 7 HTTP requests in this frame

Page Title

SumUp Bank | Open Finance

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Page Statistics

7 Requests
100 % HTTPS
75 % IPv6
4 Domains
4 Subdomains
4 IPs
2 Countries
262 kB Transfer
456 kB Size
0 Cookies

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
br-open-banking-handoff.sumup-bank.info/
615 B
838 B
Document
General
Full URL
https://br-open-banking-handoff.sumup-bank.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
cd4702129ca7037b481487966aebfaaef8a5ffcee00957b522dd9ee6295ae292
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
738
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-length
615
content-type
text/html; charset=UTF-8
date
Tue, 23 Jul 2024 14:55:35 GMT
etag
"e12c09475e0cfd855f747aa7d12d5188-ssl"
server
Netlify
strict-transport-security
max-age=31536000
x-nf-request-id
01J3G1ECYDVWTGJ6G1XS4KAVKS
main.96c668aa.js
br-open-banking-handoff.sumup-bank.info/static/js/
292 KB
96 KB
Script
General
Full URL
https://br-open-banking-handoff.sumup-bank.info/static/js/main.96c668aa.js
Requested by
Host: br-open-banking-handoff.sumup-bank.info
URL: https://br-open-banking-handoff.sumup-bank.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
6b99cc3db36c05c87c7d3b2560dfde37d8563b0cb2f4056653f53c9f0c0f3c4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://br-open-banking-handoff.sumup-bank.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J3G1ECYT16N1Q4SN1GXN398J
date
Tue, 23 Jul 2024 14:55:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"e94e396a03f09772ab7f09429f87380d-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
pt-br_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/
17 KB
18 KB
Image
General
Full URL
https://play.google.com/intl/en_us/badges/static/images/badges/pt-br_badge_web_generic.png
Requested by
Host: br-open-banking-handoff.sumup-bank.info
URL: https://br-open-banking-handoff.sumup-bank.info/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1ad5e03f636d94b05448c1f156e39b012b9e1d772b730d9e27d066695531a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://br-open-banking-handoff.sumup-bank.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 14:55:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/play_google
report-to
{"group":"uxe-owners-acl/play_google","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/play_google"}]}
content-type
image/png
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17728
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="uxe-owners-acl/play_google"
expires
Tue, 23 Jul 2024 14:55:35 GMT
574e4daf9b32a-_ndice.png
images.ctfassets.net/txhaodyqr481/7IJfYbeS2vwffY0RXFc3uH/601928664817c0740011e44aa1ec4e8a/
3 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/txhaodyqr481/7IJfYbeS2vwffY0RXFc3uH/601928664817c0740011e44aa1ec4e8a/574e4daf9b32a-_ndice.png?fm=webp&q=85&h=85
Requested by
Host: br-open-banking-handoff.sumup-bank.info
URL: https://br-open-banking-handoff.sumup-bank.info/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:2000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
71c60e725f9c1c6f020c747b714b5613ecc361d8bbeb83b5e4465f26dfd81abc

Request headers

Referer
https://br-open-banking-handoff.sumup-bank.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 14:55:35 GMT
via
1.1 b7258653b42aa6de9758e92b2878c108.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jun 2024 01:33:23 GMT
server
Contentful Images API
x-amz-cf-pop
AMS58-P6
etag
"a5d644195b7148560180994e9aeacad2"
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
2994
x-amz-cf-id
qac788y3H5CCMdIYrlHv31AD3ikWLkYfUB6qxoPKb8rjdIKsMKQOEg==
aktiv-grotest-700.woff2
static.sumup.com/fonts/latin-greek-cyrillic/
70 KB
71 KB
Font
General
Full URL
https://static.sumup.com/fonts/latin-greek-cyrillic/aktiv-grotest-700.woff2
Requested by
Host: br-open-banking-handoff.sumup-bank.info
URL: https://br-open-banking-handoff.sumup-bank.info/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e451877da2530b878787df451468521a062720dd71f337838252e7723842a8d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://br-open-banking-handoff.sumup-bank.info/
Origin
https://br-open-banking-handoff.sumup-bank.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 14:55:35 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
age
411567
x-dns-prefetch-control
on
content-disposition
inline; filename="aktiv-grotest-700.woff2"
content-length
71928
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Vercel
x-vercel-id
fra1::88tml-1721746535625-9b628a501378
etag
"98d09f7aed2696f695a9610eb0dd5943"
x-vercel-cache
HIT
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, s-maxage=60, stale-while-revalidate=86400
accept-ranges
bytes
access-control-allow-headers
Authorization
aktiv-grotest-400.woff2
static.sumup.com/fonts/latin-greek-cyrillic/
71 KB
71 KB
Font
General
Full URL
https://static.sumup.com/fonts/latin-greek-cyrillic/aktiv-grotest-400.woff2
Requested by
Host: br-open-banking-handoff.sumup-bank.info
URL: https://br-open-banking-handoff.sumup-bank.info/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d113ff86028bee5f78ca0c950f53d7159289fd7439abd59316abd2422ac2c567
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://br-open-banking-handoff.sumup-bank.info/
Origin
https://br-open-banking-handoff.sumup-bank.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 14:55:35 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
age
406681
x-dns-prefetch-control
on
content-disposition
inline; filename="aktiv-grotest-400.woff2"
content-length
73000
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Vercel
x-vercel-id
fra1::n85bq-1721746535625-a6eba63078ef
etag
"aba3578609093365ea38d7a3355c7409"
x-vercel-cache
HIT
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, s-maxage=60, stale-while-revalidate=86400
accept-ranges
bytes
access-control-allow-headers
Authorization
favicon.png
br-open-banking-handoff.sumup-bank.info/assets/
2 KB
2 KB
Other
General
Full URL
https://br-open-banking-handoff.sumup-bank.info/assets/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
96367c35bce20dc8c35916ecf09e735b823046d8e1773fa321e77eec6a673953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://br-open-banking-handoff.sumup-bank.info/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J3G1EDC2TQB0PVB4B71SZFR2
date
Tue, 23 Jul 2024 14:55:35 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"ff0acdfdda89f5ab4a66355ce15f52c2-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
1724

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkbr_open_banking_handoff

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000