www.payment.nuawin.com Open in urlscan Pro
192.185.149.133  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.payment.nuawin.com/	2 KB 2 KB	1085ms 793ms	Document text/html	192.185.149.133 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.payment.nuawin.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.149.133 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-149-133.unifiedlayer.com Software Apache / Resource Hash cfe8b8395328073bf7f2ea46e6139115bca8eba041aba4655bc460a56afa0bd7 Request headers :method GET :authority www.payment.nuawin.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 12 Jan 2021 10:09:29 GMT server Apache cache-control no-cache, private set-cookie XSRF-TOKEN=eyJpdiI6InhON1pJdzdlbnFpeWpRUTNcL1NDUXJBPT0iLCJ2YWx1ZSI6InJNbUpzQkdCanFFS0lJU0xwdkVLQVFRWHZseDA4UVN5VUVnRXBpT0g0K3cyZWt3MSsra09RUXRDUXhNcEgybDYiLCJtYWMiOiIwZjU2ZDI1NjVmMGIxMWZlYjU5ZTE2YTkyZmU0OTQzNGFhZDYwMDg2MGJkMzUyNTY0MGNmNWVkNzE0NGVmOWYzIn0%3D; expires=Tue, 12-Jan-2021 12:09:29 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IjNjNVk5cnM0SkF4K3E3b1h3VmhWcUE9PSIsInZhbHVlIjoiQWxFaUs3TXhCWXMyOFdlQ0ROQ1ZORlA1ZWoyRjhUR0VteE5SN1JOZ0dETGlCZ0ZNR3kzeVRjbkl5ZDJMaDZWbCIsIm1hYyI6IjFkZjMwMjI5Y2VmZmYzZGJhNTQyMGY4ZjBiODRjYzE2ZTJjNmYyNTNiNDI0YjFkYWFkOGU5M2EwZmUzN2RmZGQifQ%3D%3D; expires=Tue, 12-Jan-2021 12:09:29 GMT; Max-Age=7200; path=/; httponly vary Accept-Encoding content-encoding gzip content-length 920 content-type text/html; charset=UTF-8
GET H2	200	css fonts.googleapis.com/	2 KB 535 B	15ms 15ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Cairo:200,600 Requested by Host: www.payment.nuawin.com URL: https://www.payment.nuawin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 36ceb790a12e9cd2f2ba27e015c1a98b044976bbfca9b4f49ec88e2ca0d3496a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.payment.nuawin.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 12 Jan 2021 10:09:29 GMT server ESF date Tue, 12 Jan 2021 10:09:29 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 12 Jan 2021 10:09:29 GMT
GET H2	200	n_logo.png www.payment.nuawin.com/assets/	23 KB 23 KB	151ms 151ms	Image image/png	192.185.149.133 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.payment.nuawin.com/assets/n_logo.png Requested by Host: www.payment.nuawin.com URL: https://www.payment.nuawin.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.149.133 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-149-133.unifiedlayer.com Software Apache / Resource Hash 7e6abe63af521d76c01e478681b6997a5f5d608c8e59f68aa858036907e84412 Request headers Referer https://www.payment.nuawin.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 12 Jan 2021 10:09:29 GMT last-modified Wed, 19 Aug 2020 02:09:08 GMT server Apache accept-ranges bytes content-length 23153 content-type image/png
GET H/1.1	200 OK	paymentWidgets.js Show response test.oppwa.com/v1/	2 KB 2 KB	194ms 89ms	Script application/javascript	185.147.172.66 ACI-WORLDWIDE
General Check archive.org Show headers Download Go to Full URL https://test.oppwa.com/v1/paymentWidgets.js?checkoutId=51C41851923F438133239C1DCAFAD382.uat01-vm-tx01 Requested by Host: www.payment.nuawin.com URL: https://www.payment.nuawin.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.147.172.66 , Ireland, ASN14297 (ACI-WORLDWIDE, US), Reverse DNS test.ctpe.net Software Apache-Coyote/1.1 / Resource Hash 287e2f0b465b24642adb4d232c6b65456d8c6003de7b9ff0c0dd18e64c92cf6b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.payment.nuawin.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 10:09:29 GMT Content-Encoding gzip X-Content-Type-Options nosniff, nosniff Transfer-Encoding chunked Connection Keep-Alive X-XSS-Protection 1; mode=block Pragma no-cache Server Apache-Coyote/1.1 vary accept-encoding Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Language en-US Access-Control-Allow-Origin * Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true X-Application-WAF-Action allow Content-Type application/javascript;charset=UTF-8 Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	static.min.js Show response test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/js/	597 KB 156 KB	61ms 61ms	Script text/javascript	185.147.172.66 ACI-WORLDWIDE
General Check archive.org Show headers Download Go to Full URL https://test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/js/static.min.js Requested by Host: test.oppwa.com URL: https://test.oppwa.com/v1/paymentWidgets.js?checkoutId=51C41851923F438133239C1DCAFAD382.uat01-vm-tx01 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.147.172.66 , Ireland, ASN14297 (ACI-WORLDWIDE, US), Reverse DNS test.ctpe.net Software Apache-Coyote/1.1 / Resource Hash 0f5ab05591f0296e2592214b04a36fa90d08d8dab9deddc738bf24154af6369f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.payment.nuawin.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 10:09:29 GMT Content-Encoding gzip X-Content-Type-Options nosniff, nosniff Transfer-Encoding chunked Connection Keep-Alive X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Fri, 08 Jan 2021 13:10:20 GMT Server Apache-Coyote/1.1 vary accept-encoding Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control private, no-cache, no-store, max-age=31536000, public Access-Control-Allow-Credentials true X-Application-WAF-Action allow Accept-Ranges bytes Keep-Alive timeout=5, max=99
GET H/1.1	200 OK	pciIframe.html test.oppwa.com/v1/ Frame 7142	0 0	55ms 55ms	Document text/html	185.147.172.66 ACI-WORLDWIDE
General Check archive.org Show headers Download Go to Full URL https://test.oppwa.com/v1/pciIframe.html?checkoutId=51C41851923F438133239C1DCAFAD382.uat01-vm-tx01 Requested by Host: test.oppwa.com URL: https://test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/js/static.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.147.172.66 , Ireland, ASN14297 (ACI-WORLDWIDE, US), Reverse DNS test.ctpe.net Software Apache-Coyote/1.1 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff nosniff X-Xss-Protection 1; mode=block Request headers Host test.oppwa.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.payment.nuawin.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.payment.nuawin.com/ Response headers Date Tue, 12 Jan 2021 10:09:29 GMT Server Apache-Coyote/1.1 Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff nosniff X-XSS-Protection 1; mode=block Cache-Control private, no-cache, no-store Pragma no-cache X-Application-WAF-Action allow Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Content-Type text/html;charset=utf-8 Content-Language en-US Vary Accept-Encoding Content-Encoding gzip Content-Length 807 Keep-Alive timeout=5, max=98 Connection Keep-Alive
GET H/1.1	200 OK	pciIframe.html test.oppwa.com/v1/ Frame C9FD	0 0	115ms 61ms	Document text/html	185.147.172.66 ACI-WORLDWIDE
General Check archive.org Show headers Download Go to Full URL https://test.oppwa.com/v1/pciIframe.html?checkoutId=51C41851923F438133239C1DCAFAD382.uat01-vm-tx01 Requested by Host: test.oppwa.com URL: https://test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/js/static.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.147.172.66 , Ireland, ASN14297 (ACI-WORLDWIDE, US), Reverse DNS test.ctpe.net Software Apache-Coyote/1.1 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff nosniff X-Xss-Protection 1; mode=block Request headers Host test.oppwa.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.payment.nuawin.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.payment.nuawin.com/ Response headers Date Tue, 12 Jan 2021 10:09:29 GMT Server Apache-Coyote/1.1 Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff nosniff X-XSS-Protection 1; mode=block Cache-Control private, no-cache, no-store Pragma no-cache X-Application-WAF-Action allow Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Content-Type text/html;charset=utf-8 Content-Language en-US Vary Accept-Encoding Content-Encoding gzip Content-Length 807 Keep-Alive timeout=5, max=97 Connection Keep-Alive
GET H/1.1	200 OK	plain.min.css test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/css/	44 KB 9 KB	152ms 59ms	Stylesheet text/css	185.147.172.66 ACI-WORLDWIDE
General Check archive.org Show headers Download Go to Full URL https://test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/css/plain.min.css Requested by Host: test.oppwa.com URL: https://test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/js/static.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.147.172.66 , Ireland, ASN14297 (ACI-WORLDWIDE, US), Reverse DNS test.ctpe.net Software Apache-Coyote/1.1 / Resource Hash 0ba2d444db6bdfb4fe3234537b07c31fa025605237797fc679e30b130a510471 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.payment.nuawin.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 10:09:29 GMT Content-Encoding gzip X-Content-Type-Options nosniff, nosniff Transfer-Encoding chunked Connection Keep-Alive X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Fri, 08 Jan 2021 13:10:20 GMT Server Apache-Coyote/1.1 vary accept-encoding Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Type text/css Access-Control-Allow-Origin * Cache-Control private, no-cache, no-store, max-age=31536000, public Access-Control-Allow-Credentials true X-Application-WAF-Action allow Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	internalRequestIframe.html test.oppwa.com/v1/ Frame F222	0 0	141ms 51ms	Document text/html	185.147.172.66 ACI-WORLDWIDE
General Check archive.org Show headers Download Go to Full URL https://test.oppwa.com/v1/internalRequestIframe.html Requested by Host: test.oppwa.com URL: https://test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/js/static.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.147.172.66 , Ireland, ASN14297 (ACI-WORLDWIDE, US), Reverse DNS test.ctpe.net Software Apache-Coyote/1.1 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff nosniff X-Xss-Protection 1; mode=block Request headers Host test.oppwa.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.payment.nuawin.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.payment.nuawin.com/ Response headers Date Tue, 12 Jan 2021 10:09:29 GMT Server Apache-Coyote/1.1 Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff nosniff X-XSS-Protection 1; mode=block Cache-Control private, no-cache, no-store Pragma no-cache X-Application-WAF-Action allow Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Content-Type text/html;charset=utf-8 Content-Language en-US Vary Accept-Encoding Content-Encoding gzip Content-Length 287 Keep-Alive timeout=5, max=100 Connection Keep-Alive
GET H/1.1	200 OK	brand.png test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/img/	145 KB 145 KB	52ms 51ms	Image image/png	185.147.172.66 ACI-WORLDWIDE
General Check archive.org Show headers Download Go to Show image Full URL https://test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/img/brand.png Requested by Host: test.oppwa.com URL: https://test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/css/plain.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.147.172.66 , Ireland, ASN14297 (ACI-WORLDWIDE, US), Reverse DNS test.ctpe.net Software Apache-Coyote/1.1 / Resource Hash 8277dabead822c4a5d4175f57c4f98eefd2b3c863e14fa156bef9c490ff9e081 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block Request headers Referer https://test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/css/plain.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 10:09:29 GMT Content-Encoding gzip X-Content-Type-Options nosniff, nosniff Transfer-Encoding chunked Connection Keep-Alive X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Fri, 08 Jan 2021 13:10:20 GMT Server Apache-Coyote/1.1 Vary Accept-Encoding Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Type image/png Access-Control-Allow-Origin * Cache-Control private, no-cache, no-store, max-age=31536000, public Access-Control-Allow-Credentials true X-Application-WAF-Action allow Accept-Ranges bytes Keep-Alive timeout=5, max=99
POST H/1.1	200 OK	logs Show response test.oppwa.com/v1/checkouts/51C41851923F438133239C1DCAFAD382.uat01-vm-tx01/	16 B 560 B	152ms 53ms	XHR application/json	185.147.172.66 ACI-WORLDWIDE
General Check archive.org Show headers Download Go to Full URL https://test.oppwa.com/v1/checkouts/51C41851923F438133239C1DCAFAD382.uat01-vm-tx01/logs Requested by Host: test.oppwa.com URL: https://test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/js/static.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.147.172.66 , Ireland, ASN14297 (ACI-WORLDWIDE, US), Reverse DNS test.ctpe.net Software Apache-Coyote/1.1 / Resource Hash 7124e26367bf1fe9c82e083ecdc81a1bef689ee5a78360c134b9d81a73251ed4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.payment.nuawin.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Pragma no-cache Date Tue, 12 Jan 2021 10:09:34 GMT X-Content-Type-Options nosniff, nosniff Server Apache-Coyote/1.1 Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true X-Application-WAF-Action allow Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 16 X-XSS-Protection 1; mode=block

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| wpwlOptions object| wpwl undefined| $ undefined| jQuery undefined| _

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.payment.nuawin.com/	1970-01-19 15:20:53	Name: laravel_session Value: eyJpdiI6IjNjNVk5cnM0SkF4K3E3b1h3VmhWcUE9PSIsInZhbHVlIjoiQWxFaUs3TXhCWXMyOFdlQ0ROQ1ZORlA1ZWoyRjhUR0VteE5SN1JOZ0dETGlCZ0ZNR3kzeVRjbkl5ZDJMaDZWbCIsIm1hYyI6IjFkZjMwMjI5Y2VmZmYzZGJhNTQyMGY4ZjBiODRjYzE2ZTJjNmYyNTNiNDI0YjFkYWFkOGU5M2EwZmUzN2RmZGQifQ%3D%3D
			www.payment.nuawin.com/	1970-01-19 15:20:53	Name: XSRF-TOKEN Value: eyJpdiI6InhON1pJdzdlbnFpeWpRUTNcL1NDUXJBPT0iLCJ2YWx1ZSI6InJNbUpzQkdCanFFS0lJU0xwdkVLQVFRWHZseDA4UVN5VUVnRXBpT0g0K3cyZWt3MSsra09RUXRDUXhNcEgybDYiLCJtYWMiOiIwZjU2ZDI1NjVmMGIxMWZlYjU5ZTE2YTkyZmU0OTQzNGFhZDYwMDg2MGJkMzUyNTY0MGNmNWVkNzE0NGVmOWYzIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://test.oppwa.com/v1/static/60f09a7c7bd3814d470e28055de86f29/js/static.min.js(Line 126) Message: found payment forms: [object HTMLFormElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
test.oppwa.com
www.payment.nuawin.com
185.147.172.66
192.185.149.133
2a00:1450:4001:800::200a
0ba2d444db6bdfb4fe3234537b07c31fa025605237797fc679e30b130a510471
0f5ab05591f0296e2592214b04a36fa90d08d8dab9deddc738bf24154af6369f
287e2f0b465b24642adb4d232c6b65456d8c6003de7b9ff0c0dd18e64c92cf6b
36ceb790a12e9cd2f2ba27e015c1a98b044976bbfca9b4f49ec88e2ca0d3496a
7124e26367bf1fe9c82e083ecdc81a1bef689ee5a78360c134b9d81a73251ed4
7e6abe63af521d76c01e478681b6997a5f5d608c8e59f68aa858036907e84412
8277dabead822c4a5d4175f57c4f98eefd2b3c863e14fa156bef9c490ff9e081
cfe8b8395328073bf7f2ea46e6139115bca8eba041aba4655bc460a56afa0bd7