secure23uat.nmpaas.com Open in urlscan Pro
13.32.27.8  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response secure23uat.nmpaas.com/	7 KB 7 KB	590ms 559ms	Document text/html	13.32.27.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure23uat.nmpaas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-8.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 119a75b0fe11b2e17c65ea4c3fccb4d719d02fbfe842d39dbc3ea44e541bb35c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 6780 content-type text/html date Fri, 13 Jan 2023 11:22:18 GMT etag "87b30cde4f63e9eb5002be3752e9a37d" last-modified Wed, 28 Dec 2022 11:15:43 GMT server AmazonS3 via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) x-amz-cf-id 7cZELb3M-kjOsShC0HbjAqsBKTOR1B1EslbEk0y4yLn0udKuGq9-lg== x-amz-cf-pop FRA56-C2 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront
GET H2	200	main.3e3c35f0.js Show response secure23uat.nmpaas.com/static/js/	3 MB 3 MB	586ms 586ms	Script application/javascript	13.32.27.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure23uat.nmpaas.com/static/js/main.3e3c35f0.js Requested by Host: secure23uat.nmpaas.com URL: https://secure23uat.nmpaas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-8.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 55b46f5532339c67d9a2780dfe66629d4f52cf4f9517477d503f274b3798f62c Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 11:22:18 GMT via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) last-modified Wed, 28 Dec 2022 11:15:41 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 etag "ba6605b35cdbd8f1cacfde128f33e34c" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type application/javascript accept-ranges bytes content-length 2802297 x-amz-cf-id PrpP7TXkEyoV4AJ1UnTbsxeViKs9BqZ5owj59kDEsA-eB_GBjGbLBg==
GET H2	200	main.43c77989.css secure23uat.nmpaas.com/static/css/	8 KB 8 KB	549ms 548ms	Stylesheet text/css	13.32.27.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure23uat.nmpaas.com/static/css/main.43c77989.css Requested by Host: secure23uat.nmpaas.com URL: https://secure23uat.nmpaas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-8.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 55b61ddaba76e01cb7d7828bcbdca72879d567ccbcdc57b91d7f1bfb7630e304 Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 11:22:18 GMT via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) last-modified Wed, 28 Dec 2022 11:15:41 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 etag "d99f728585b54702ca415356f27b5d55" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 8344 x-amz-cf-id 4OjHcanN_LFfGPTWgSIR_H06ccY9KARInUdXHWQRGkLXO3VzjMO5BA==
GET H/1.1	200 OK	a.js Show response d2r1yp2w7bby2u.cloudfront.net/js/	45 KB 16 KB	35ms 7ms	Script application/javascript	143.204.215.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2r1yp2w7bby2u.cloudfront.net/js/a.js Requested by Host: secure23uat.nmpaas.com URL: https://secure23uat.nmpaas.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-67.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 49a8f325c9e04a943313b226fa05cba7fb2016ebeb369b6d26990ebed5554e74 Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Date Fri, 13 Jan 2023 11:13:38 GMT Content-Encoding gzip Via 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront) Last-Modified Thu, 12 Jan 2023 05:43:30 GMT Server AmazonS3 X-Amz-Cf-Pop FRA53-C1 Age 520 ETag W/"59198cf86d74f4ff2164d6d7d4c1f774" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript X-Cache Hit from cloudfront Cache-Control max-age=1800, private Connection keep-alive X-Amz-Cf-Id Dk1yjmlkuGuVmWcFfkiIALEwE8ZxKGU4n0LIO29YpRptibkCuoHlqg==
GET H/1.1	200 OK	a Show response in1.wzrkt.com/	286 B 814 B	219ms 149ms	Script text/javascript	2600:9000:206e:6200:16:b4a8:d400:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in1.wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIACoBRAMpCAtABYAbLMkAtWQHZJATmWKQBKAHMEARi5AA%3D%3D&optOut=false&rn=1&i=1673608937&sn=0&useIP=false&r=1673608937437 Requested by Host: d2r1yp2w7bby2u.cloudfront.net URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206e:6200:16:b4a8:d400:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 95c29048838e0d1854bd7438797f1f9ac7c06fdfe095ea67033f353ffc09e09f Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Pragma no-cache Date Fri, 13 Jan 2023 11:22:17 GMT Strict-Transport-Security max-age=31536000;includeSubDomains;preload Content-Encoding gzip Via 1.1 cc6cd0f2b9d4d88785ea5a737059a4fe.cloudfront.net (CloudFront) X-Amz-Cf-Pop VIE50-C1 Transfer-Encoding chunked X-Frame-Options SAMEORIGIN Content-Type text/javascript;charset=utf-8 Vary Accept-Encoding, User-Agent X-Cache Miss from cloudfront Cache-Control no-cache, no-store, no-cache, no-store Connection keep-alive X-Amz-Cf-Id 1p27yTQCWR__akdZnXjr7IHPOwS4XthaySKRY-E9zxRPuM131AQxZw== Expires 0
GET H/1.1	200 OK	a Show response in1.wzrkt.com/	274 B 821 B	145ms 144ms	Script text/javascript	2600:9000:206e:6200:16:b4a8:d400:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in1.wzrkt.com/a?t=96&type=page&d=N4IglgJiBcICoFEDKcC0AWAbJ1AtTA7KgJz64gA0IADgOYwCMVAxnTCABYAuX1AztAD0gvgFNmAVwBOogEwBmCQEMuAOgB2AW2pKlfVcwD2mwZRAB1XACUA0gH0AwgEEAsgAUYoAO7aYABiouABtmGABtAF0AXyigAA%3D&rn=2&i=1673608937&sn=0&gc=648534ec66a245c2b05a4c6a1454716c&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IFsALKAUwHMBNAUUxABMIAXAZzgAYt6iOsA3OAEYskNvGAACAL51s9fABYAbEoC0CJQHZVATg0I6pZmM4gATsaFaAzEvYAOHdc1SgAA%3D&useIP=false&r=1673608937692 Requested by Host: d2r1yp2w7bby2u.cloudfront.net URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206e:6200:16:b4a8:d400:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 77187b35d797e855d9a13b924c371e47062ea05e090bf0fab91b773a65d51d3c Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Pragma no-cache Date Fri, 13 Jan 2023 11:22:17 GMT Strict-Transport-Security max-age=31536000;includeSubDomains;preload Content-Encoding gzip Via 1.1 cc6cd0f2b9d4d88785ea5a737059a4fe.cloudfront.net (CloudFront) X-Amz-Cf-Pop VIE50-C1 Transfer-Encoding chunked X-Frame-Options SAMEORIGIN Content-Type text/javascript;charset=utf-8 Vary Accept-Encoding, User-Agent X-Cache Miss from cloudfront Cache-Control no-cache, no-store, no-cache, no-store Connection keep-alive X-Amz-Cf-Id uFkaEa6FTeAuEATb3TzWce-IoIZOic7Pym6w04QkbwVGaAV6qs4wKA== Expires 0
GET H2	200	api.js Show response apis.google.com/js/	17 KB 7 KB	93ms 57ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api.js Requested by Host: secure23uat.nmpaas.com URL: https://secure23uat.nmpaas.com/static/js/main.3e3c35f0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e0be6e128dd58edd11961625cf917b5f322aad95e5c5fcc04907ff08bbc3ca59 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff date Fri, 13 Jan 2023 11:22:19 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6893 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" etag "1dad2ebfba88234b" vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 accept-ranges bytes timing-allow-origin * expires Fri, 13 Jan 2023 11:22:19 GMT
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/	301 KB 301 KB	47ms 13ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/cb=gapi.loaded_0 Requested by Host: secure23uat.nmpaas.com URL: https://secure23uat.nmpaas.com/static/js/main.3e3c35f0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d210709f5f638e192d493f1d872b07587b89a17e289826657c1801039b82bdf2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 11 Jan 2023 04:47:09 GMT x-content-type-options nosniff age 196509 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 307797 x-xss-protection 0 last-modified Thu, 19 Nov 2020 17:03:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 11 Jan 2024 04:47:09 GMT
GET H2	200	reverseWave.de78c24186c8e036ccb32bdf96d51f45.svg secure23uat.nmpaas.com/static/media/	2 KB 2 KB	543ms 542ms	Image image/svg+xml	13.32.27.8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://secure23uat.nmpaas.com/static/media/reverseWave.de78c24186c8e036ccb32bdf96d51f45.svg Requested by Host: secure23uat.nmpaas.com URL: https://secure23uat.nmpaas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-8.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 597bf0580dda8725392014fcb5401754636bf83ee5d809d56416eb70f8ffa18f Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 11:22:20 GMT via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) last-modified Wed, 28 Dec 2022 11:15:43 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 etag "41e704581fcbc57acc5538f3798255dc" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/svg+xml accept-ranges bytes content-length 1857 x-amz-cf-id aT6HO5LqgWSECATt-VZjHjuGoAzEWWlwBl61BHAKdWmkzBLmfpY6Iw==
GET H2	200	Niyo_Money_white.png www.niyomoney.com/gw-web-assets/img/niyo-money/	15 KB 14 KB	644ms 250ms	Image image/png	13.234.206.238 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.niyomoney.com/gw-web-assets/img/niyo-money/Niyo_Money_white.png Requested by Host: secure23uat.nmpaas.com URL: https://secure23uat.nmpaas.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.234.206.238 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-234-206-238.ap-south-1.compute.amazonaws.com Software / Resource Hash d762c15a6f2d5aa2e33f113c09a6700b3d02eb1b4e6862ea095324d3a2c4c6a1 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 11:22:19 GMT content-encoding gzip strict-transport-security max-age=16070400; includeSubDomains last-modified Fri, 06 Nov 2020 16:05:35 GMT etag W/"5fa5744f-3bf2" vary Accept-Encoding content-type image/png cache-control max-age=604800, private, must-revalidate, proxy-revalidate expires Fri, 20 Jan 2023 11:22:19 GMT
GET H2	200	google-icon.0faab3abd8459e996c7142aaa3f8e2b3.svg secure23uat.nmpaas.com/static/media/	1 KB 1 KB	554ms 553ms	Image image/svg+xml	13.32.27.8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://secure23uat.nmpaas.com/static/media/google-icon.0faab3abd8459e996c7142aaa3f8e2b3.svg Requested by Host: secure23uat.nmpaas.com URL: https://secure23uat.nmpaas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-8.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash fd4b4d816eba8642d8da913ec417de452267b767f6565bd45a858cd75a4bc19a Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 11:22:20 GMT via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) last-modified Wed, 28 Dec 2022 11:15:42 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 etag "7416b61f2f3ff4ce12d7cd200ac3d399" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/svg+xml accept-ranges bytes content-length 1157 x-amz-cf-id QPRYhzPLNKTCESlasyLJcYBoox4EF4ZY6Tyc1bLpxJWBVkq5KOMA3w==
GET H2	200	wave.99e33c851e95288384cc384968508eff.svg secure23uat.nmpaas.com/static/media/	2 KB 2 KB	541ms 541ms	Image image/svg+xml	13.32.27.8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://secure23uat.nmpaas.com/static/media/wave.99e33c851e95288384cc384968508eff.svg Requested by Host: secure23uat.nmpaas.com URL: https://secure23uat.nmpaas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-8.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 91c79abeb5d97407a9d7a084c4d25f42990c0ee46777586391b5d617bed3059d Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 11:22:20 GMT via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) last-modified Wed, 28 Dec 2022 11:15:43 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 etag "91731303cea54fdaa1e717258e99e67a" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/svg+xml accept-ranges bytes content-length 1855 x-amz-cf-id _AHLoBt_g_l6TJ_noD-wo501BsOCDj9p3ONxb_DXsmmn6pNrx0KR3w==
GET H2	200	iframe Show response accounts.google.com/o/oauth2/ Frame 9534	280 B 1 KB	69ms 24ms	Document text/html	2a00:1450:4001:827::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframe Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/cb=gapi.loaded_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 719b0b6b1791150d996e4097839f99c01b39eae73fa7bd90621fd04c1ca67fe2 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-ROgZ_dAs0cN8DZ4AE5C3wA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure23uat.nmpaas.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-ROgZ_dAs0cN8DZ4AE5C3wA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 11:22:19 GMT expires Mon, 01 Jan 1990 00:00:00 GMT permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache server ESF strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-xss-protection 0
POST H2	400	cspreport accounts.google.com/_/IdpIFrameHttp/ Frame 9534	2 KB 913 B	21ms 20ms	Other text/html	2a00:1450:4001:827::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/_/IdpIFrameHttp/cspreport Requested by Host: secure23uat.nmpaas.com URL: https://secure23uat.nmpaas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7bdc794b23af16bc4ec5b01ea5ddc56a5b57d8a81bf8e58978a14a938328682e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://accounts.google.com/o/oauth2/iframe accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type application/csp-report Response headers pragma no-cache date Fri, 13 Jan 2023 11:22:19 GMT content-encoding gzip x-content-type-options nosniff server GSE content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	m=base Show response www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.p3aLoM3CVsc.es5.O/d=1/rs=AOaEmlGWpo6Bkh4GUBZ4Y-spI0W7MEIIww/ Frame 9534	100 KB 35 KB	101ms 40ms	Script text/javascript	2a00:1450:400d:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.p3aLoM3CVsc.es5.O/d=1/rs=AOaEmlGWpo6Bkh4GUBZ4Y-spI0W7MEIIww/m=base Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/iframe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8563827f413560646f5c738b68f52ed0b803500e6e7c5e8a7b906ddfbc6e2ba7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 10 Jan 2023 06:39:23 GMT content-encoding gzip x-content-type-options nosniff age 276176 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35061 x-xss-protection 0 last-modified Sat, 07 Jan 2023 03:40:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/identity-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Wed, 10 Jan 2024 06:39:23 GMT
GET H3	200	iframerpc Show response accounts.google.com/o/oauth2/ Frame 9534	49 B 98 B	49ms 49ms	XHR application/json	2a00:1450:4001:827::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fsecure23uat.nmpaas.com&client_id=887012426450-e49juc8bnu95kf6ocjeh3hv7c8sqnnf0.apps.googleusercontent.com Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.p3aLoM3CVsc.es5.O/d=1/rs=AOaEmlGWpo6Bkh4GUBZ4Y-spI0W7MEIIww/m=base Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0b233ef74e66bceb574d4c8ea432703b8bbdfbc6e5d0e5f6c14cf191799d63c7 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-VuiSAPEVWSddaM-G5bWliw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/iframe X-Requested-With XmlHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 13 Jan 2023 11:22:19 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy script-src 'report-sample' 'nonce-VuiSAPEVWSddaM-G5bWliw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport content-encoding gzip cross-origin-embedder-policy require-corp p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin content-type application/json; charset=utf-8 cache-control private, max-age=3600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* expires Fri, 13 Jan 2023 11:22:19 GMT
GET H2	200	584e4ec98428d1e331000351.js Show response beacon.errorception.com/	4 KB 3 KB	52ms 17ms	Script text/javascript	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beacon.errorception.com/584e4ec98428d1e331000351.js Requested by Host: secure23uat.nmpaas.com URL: https://secure23uat.nmpaas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a591b988e535760d9411c71d40928d3f9ff1fa71efceab321ac7bd2220a281f Request headers accept-language de-DE,de;q=0.9 Referer https://secure23uat.nmpaas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma public date Fri, 13 Jan 2023 11:22:19 GMT content-encoding br cf-cache-status HIT last-modified Sun, 17 Mar 2019 07:14:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3405 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4lMXGESL1y8rfPhoRXjOhicKYddSHKBBUwgya9QPJLjRu%2BMUgtsHMnMjqIY7crBtqHqILar4wVw5buqWdqy2o%2FTNVi1EYEV4ru8HO7PpfViv1iSITGo419EDuonRt4ICC%2F4BmD0ttyRVRpmly%2FEQs1%2BI67ppQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control public, max-age=3600 cf-ray 788dc0e0bae39b86-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| clevertap function| onDeviceReady function| onBackKeyDown object| _errs function| tokenReceivedFromNative object| loading function| sendNewToken function| getTokenForDigiLocker function| startLiveliness function| loadingImageCaptured function| loadingLivelinessCompleted function| loadingTokenReceivedForDigiLocker function| getFilesFromNative function| loadingFileReceivedFromNative function| exitFromPWA function| goToDashboard function| showHideAppInboxIcon object| loadingAppInbox function| getPressedLink function| shareVia object| bottomSheetStack function| clearStates function| onBackPressed function| hitDeeplink function| removeBottomSheet object| wizrocket object| $WZRK_WR object| $CLTP_WR object| webpackChunknm_web object| __core-js_shared__ number| 2f1acc6c3a606b082e5eef5e54414ffb object| gapi object| ___jsl object| gadgets object| osapi object| oauth2 object| shindig object| googleapis object| iframer object| __gapi_jstiming__ function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nmpaas.com/	1970-01-20 18:29:28	Name: WZRK_G Value: 648534ec66a245c2b05a4c6a1454716c
			.nmpaas.com/	1970-01-20 08:53:30	Name: WZRK_S_TEST-466-Z67-9Z6Z Value: %7B%22p%22%3A1%2C%22s%22%3A1673608937%2C%22t%22%3A1673608937%7D
			.secure23uat.nmpaas.com/	1970-01-20 18:29:28	Name: G_ENABLED_IDPS Value: google
			.google.com/	1970-01-20 13:17:00	Name: NID Value: 511=mdthhSYjKQgzNDAGTUV7lZXNBxQNwPhsQ1TV5NO7BIglEv9KvOXCSqkYojSMVx0xH_qa2FAnEo5zB6ydlyd2yzrxvN7CB4BnD8Xl_uXXnLnKXrYhfDb3se61ljgKbVWNX1ihmOCflKR-t86yWP99nZUY4005OGmbyJwp5tqVj0E

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/cb=gapi.loaded_0(Line 278) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
beacon.errorception.com
d2r1yp2w7bby2u.cloudfront.net
in1.wzrkt.com
secure23uat.nmpaas.com
www.gstatic.com
www.niyomoney.com
13.234.206.238
13.32.27.8
143.204.215.67
2600:9000:206e:6200:16:b4a8:d400:93a1
2a00:1450:4001:827::200d
2a00:1450:4001:82b::200e
2a00:1450:400d:808::2003
2a06:98c1:3121::c
0b233ef74e66bceb574d4c8ea432703b8bbdfbc6e5d0e5f6c14cf191799d63c7
119a75b0fe11b2e17c65ea4c3fccb4d719d02fbfe842d39dbc3ea44e541bb35c
49a8f325c9e04a943313b226fa05cba7fb2016ebeb369b6d26990ebed5554e74
4a591b988e535760d9411c71d40928d3f9ff1fa71efceab321ac7bd2220a281f
55b46f5532339c67d9a2780dfe66629d4f52cf4f9517477d503f274b3798f62c
55b61ddaba76e01cb7d7828bcbdca72879d567ccbcdc57b91d7f1bfb7630e304
597bf0580dda8725392014fcb5401754636bf83ee5d809d56416eb70f8ffa18f
719b0b6b1791150d996e4097839f99c01b39eae73fa7bd90621fd04c1ca67fe2
77187b35d797e855d9a13b924c371e47062ea05e090bf0fab91b773a65d51d3c
7bdc794b23af16bc4ec5b01ea5ddc56a5b57d8a81bf8e58978a14a938328682e
8563827f413560646f5c738b68f52ed0b803500e6e7c5e8a7b906ddfbc6e2ba7
91c79abeb5d97407a9d7a084c4d25f42990c0ee46777586391b5d617bed3059d
95c29048838e0d1854bd7438797f1f9ac7c06fdfe095ea67033f353ffc09e09f
d210709f5f638e192d493f1d872b07587b89a17e289826657c1801039b82bdf2
d762c15a6f2d5aa2e33f113c09a6700b3d02eb1b4e6862ea095324d3a2c4c6a1
e0be6e128dd58edd11961625cf917b5f322aad95e5c5fcc04907ff08bbc3ca59
fd4b4d816eba8642d8da913ec417de452267b767f6565bd45a858cd75a4bc19a