urlscan.io logo urlscan.io
SecurityTrails logo

8.43.80.38 Open in urlscan Pro
8.43.80.38  Public Scan

Go To Rescan Add Verdict Report
URL: https://8.43.80.38/ca/en/web/user/login
Submission: On April 15 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 4 countries across 30 domains to perform 139 HTTP transactions. The main IP is 8.43.80.38, located in United States and belongs to WURESTON, US. The main domain is 8.43.80.38.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on November 6th 2023. Valid for: a year.
This is the only time 8.43.80.38 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 8.43.80.38 36154 (WURESTON)
13 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 151.101.64.114 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::c6... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
1 18.173.187.59 16509 (AMAZON-02)
2 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:9000:237... 16509 (AMAZON-02)
3 3.226.124.59 14618 (AMAZON-AES)
3 2a04:4e42:200... 54113 (FASTLY)
2 2600:9000:26d... 16509 (AMAZON-02)
1 3 54.170.203.21 16509 (AMAZON-02)
1 176.34.167.98 16509 (AMAZON-02)
3 63.140.62.222 16509 (AMAZON-02)
1 1 52.17.26.1 16509 (AMAZON-02)
3 18.218.8.61 16509 (AMAZON-02)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a04:4e42:8e::84 54113 (FASTLY)
1 108.138.32.75 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 15.197.193.217 16509 (AMAZON-02)
2 4 142.250.184.198 15169 (GOOGLE)
1 99.84.88.11 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.195.39.4 16509 (AMAZON-02)
1 52.21.2.28 14618 (AMAZON-AES)
1 95.101.148.37 16625 (AKAMAI-AS)
1 34.117.39.58 396982 (GOOGLE-CL...)
1 208.118.62.69 7296 (DYNASCALE)
1 35.244.174.68 396982 (GOOGLE-CL...)
3 104.197.114.177 396982 (GOOGLE-CL...)
2 2600:9000:225... 16509 (AMAZON-02)
1 34.96.67.224 396982 (GOOGLE-CL...)
3 104.17.208.240 13335 (CLOUDFLAR...)
2 34.66.3.160 396982 (GOOGLE-CL...)
139 41
56    8.43.80.38 (United States)

ASN36154 (WURESTON, US)
8.43.80.38
13    2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    151.101.64.114 (United States)

ASN54113 (FASTLY, US)
cdn.evergage.com
1    2606:4700:10::6816:34fc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.quantummetric.com
1    2606:4700:4400::ac40:9483 (United States)

ASN13335 (CLOUDFLARENET, US)
ws.audioeye.com
2    2606:4700::c6d9:fbfb (United States)

ASN13335 (CLOUDFLARENET, US)
songbirdstag.cardinalcommerce.com
1    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
1    18.173.187.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-59.muc50.r.cloudfront.net
cdn.branch.io
2    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
1    2606:4700:4400::6812:277d (United States)

ASN13335 (CLOUDFLARENET, US)
wsv3cdn.audioeye.com
1    2600:9000:237d:c00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.link
3    3.226.124.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-124-59.compute-1.amazonaws.com
westernunion.evergage.com
3    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
2    2600:9000:26da:8600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)
api2.branch.io
3    54.170.203.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-203-21.eu-west-1.compute.amazonaws.com
westernunion.demdex.net
dpm.demdex.net
1    176.34.167.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-167-98.eu-west-1.compute.amazonaws.com
westernunion.demdex.net
3    63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net
smetrics.westernunion.com
1    52.17.26.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-26-1.eu-west-1.compute.amazonaws.com
cm.everesttech.net
3    18.218.8.61 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-8-61.us-east-2.compute.amazonaws.com
collector-40051.us.tvsquared.com
4    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
1    108.138.32.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-32-75.muc50.r.cloudfront.net
c.amazon-adsystem.com
2    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
4    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
12972499.fls.doubleclick.net
1    99.84.88.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-11.muc50.r.cloudfront.net
openfpcdn.io
2    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    54.195.39.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-39-4.eu-west-1.compute.amazonaws.com
mpsnare.iesnare.com
1    52.21.2.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-2-28.compute-1.amazonaws.com
content-cdn.com
1    95.101.148.37 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-37.deploy.static.akamaitechnologies.com
www.westernunion.com
1    34.117.39.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.39.117.34.bc.googleusercontent.com
www.upsellit.com
1    208.118.62.69 (United States)

ASN7296 (DYNASCALE, US)
app.upsellit.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    104.197.114.177 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 177.114.197.104.bc.googleusercontent.com
wutest-app.quantummetric.com
2    2600:9000:225b:ec00:16:4ed5:12c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.mczbf.com
1    34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com
cdn.sift.com
3    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn8v3mbh5ld4zg5w1-wuvoc.siteintercept.qualtrics.com
siteintercept.qualtrics.com
2    34.66.3.160 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.3.66.34.bc.googleusercontent.com
rl.quantummetric.com
Apex Domain
Subdomains		 Transfer
13 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 436
179 KB
6 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6411
identity.mparticle.com — Cisco Umbrella Rank: 3165
jssdks.mparticle.com — Cisco Umbrella Rank: 6009
46 KB
6 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 2669
wutest-app.quantummetric.com
rl.quantummetric.com — Cisco Umbrella Rank: 3924
89 KB
4 doubleclick.net
12972499.fls.doubleclick.net — Cisco Umbrella Rank: 312336
860 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 335
14 KB
4 westernunion.com
smetrics.westernunion.com — Cisco Umbrella Rank: 165179
www.westernunion.com — Cisco Umbrella Rank: 109808 Failed
15 KB
4 demdex.net
westernunion.demdex.net — Cisco Umbrella Rank: 200644
dpm.demdex.net — Cisco Umbrella Rank: 240
2 KB
4 evergage.com
cdn.evergage.com — Cisco Umbrella Rank: 20312
westernunion.evergage.com — Cisco Umbrella Rank: 205922
115 KB
3 qualtrics.com
zn8v3mbh5ld4zg5w1-wuvoc.siteintercept.qualtrics.com — Cisco Umbrella Rank: 349117
siteintercept.qualtrics.com — Cisco Umbrella Rank: 915
27 KB
3 iesnare.com
mpsnare.iesnare.com — Cisco Umbrella Rank: 6306
21 KB
3 tvsquared.com
collector-40051.us.tvsquared.com — Cisco Umbrella Rank: 236604
9 KB
3 branch.io
cdn.branch.io — Cisco Umbrella Rank: 890
api2.branch.io — Cisco Umbrella Rank: 1171
24 KB
2 mczbf.com
www.mczbf.com — Cisco Umbrella Rank: 6199
834 B
2 upsellit.com
www.upsellit.com — Cisco Umbrella Rank: 11093
app.upsellit.com — Cisco Umbrella Rank: 19530
12 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
879 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
134 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
157 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 918
22 KB
2 cardinalcommerce.com
songbirdstag.cardinalcommerce.com — Cisco Umbrella Rank: 195872
155 KB
2 audioeye.com
ws.audioeye.com — Cisco Umbrella Rank: 9822
wsv3cdn.audioeye.com — Cisco Umbrella Rank: 4915
696 B
1 sift.com
cdn.sift.com — Cisco Umbrella Rank: 14948
21 KB
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 464
98 B
1 content-cdn.com
content-cdn.com — Cisco Umbrella Rank: 343557
183 B
1 gstatic.com
www.gstatic.com
201 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
1 openfpcdn.io
openfpcdn.io — Cisco Umbrella Rank: 17102
14 KB
1 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 611
149 B
1 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 311
5 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1309
517 B
1 app.link
app.link — Cisco Umbrella Rank: 2501
633 B
139 30
Domain Requested by
13 assets.adobedtm.com 8.43.80.38
assets.adobedtm.com
4 12972499.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 bat.bing.com assets.adobedtm.com
bat.bing.com
8.43.80.38
3 wutest-app.quantummetric.com cdn.quantummetric.com
3 mpsnare.iesnare.com 8.43.80.38
mpsnare.iesnare.com
3 collector-40051.us.tvsquared.com 8.43.80.38
3 smetrics.westernunion.com assets.adobedtm.com
8.43.80.38
3 westernunion.demdex.net 1 redirects 8.43.80.38
assets.adobedtm.com
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 westernunion.evergage.com cdn.evergage.com
cdn.quantummetric.com
2 rl.quantummetric.com cdn.quantummetric.com
2 siteintercept.qualtrics.com zn8v3mbh5ld4zg5w1-wuvoc.siteintercept.qualtrics.com
cdn.quantummetric.com
2 www.mczbf.com www.westernunion.com
2 www.google.com 8.43.80.38
2 connect.facebook.net 8.43.80.38
connect.facebook.net
2 www.googletagmanager.com 8.43.80.38
www.googletagmanager.com
2 s.pinimg.com assets.adobedtm.com
s.pinimg.com
2 api2.branch.io cdn.branch.io
2 identity.mparticle.com jssdkcdns.mparticle.com
2 songbirdstag.cardinalcommerce.com 8.43.80.38
songbirdstag.cardinalcommerce.com
1 zn8v3mbh5ld4zg5w1-wuvoc.siteintercept.qualtrics.com assets.adobedtm.com
1 cdn.sift.com 8.43.80.38
1 idsync.rlcdn.com 8.43.80.38
1 app.upsellit.com www.upsellit.com
1 www.upsellit.com 8.43.80.38
1 content-cdn.com 8.43.80.38
1 www.gstatic.com www.google.com
1 www.facebook.com 8.43.80.38
1 openfpcdn.io 8.43.80.38
1 www.westernunion.com 8.43.80.38
cdn.quantummetric.com
1 insight.adsrvr.org 8.43.80.38
1 c.amazon-adsystem.com 8.43.80.38
1 dpm.demdex.net 8.43.80.38
1 cm.everesttech.net 1 redirects
1 app.link cdn.branch.io
1 wsv3cdn.audioeye.com ws.audioeye.com
1 cdn.branch.io 8.43.80.38
1 jssdkcdns.mparticle.com 8.43.80.38
1 ws.audioeye.com 8.43.80.38
1 cdn.quantummetric.com 8.43.80.38
1 cdn.evergage.com 8.43.80.38
139 41

This site contains links to these domains. Also see Links.

Domain
www.westernunion.com
Subject Issuer Validity Valid
origin-digital-stage.westernunion.com
COMODO RSA Organization Validation Secure Server CA		 2023-11-06 -
2024-11-05		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
cdn.evergage.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-14 -
2025-02-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-17 -
2024-05-16		 a year crt.sh
ws.audioeye.com
E1		 2024-03-03 -
2024-06-01		 3 months crt.sh
*.cardinalcommerce.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-26 -
2025-03-28		 a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
*.branch.io
Amazon RSA 2048 M01		 2023-09-11 -
2024-10-09		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2024-02-08 -
2024-06-08		 4 months crt.sh
wsv3cdn.audioeye.com
E1		 2024-03-19 -
2024-06-17		 3 months crt.sh
appipv4.link
Amazon RSA 2048 M03		 2024-03-25 -
2025-04-22		 a year crt.sh
*.evergage.com
Amazon RSA 2048 M02		 2023-11-07 -
2024-12-05		 a year crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-09-16 -
2024-10-17		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
smetrics.westernunion.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-28 -
2025-04-28		 a year crt.sh
*.us.tvsquared.com
Amazon RSA 2048 M02		 2023-05-29 -
2024-06-26		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-04-15 -
2024-06-27		 2 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-07		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-23 -
2024-04-22		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
openfpcdn.io
Amazon RSA 2048 M02		 2023-12-27 -
2025-01-25		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
mpsnare.iesnare.com
DigiCert SHA2 High Assurance Server CA		 2023-05-01 -
2024-05-29		 a year crt.sh
content-cdn.com
R3		 2024-03-18 -
2024-06-16		 3 months crt.sh
www.westernunion.com
GeoTrust RSA CA 2018		 2023-06-09 -
2024-06-11		 a year crt.sh
*.upsellit.com
RapidSSL TLS RSA CA G1		 2023-09-11 -
2024-10-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
*.quantummetric.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-19 -
2025-02-13		 a year crt.sh
www.mczbf.com
Amazon RSA 2048 M01		 2023-05-21 -
2024-06-18		 a year crt.sh
*.sift.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-05 -
2025-01-19		 a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-27 -
2025-02-19		 a year crt.sh

This page contains 7 frames:

Primary Page: https://8.43.80.38/ca/en/web/user/login
Frame ID: CE2359E1B8F8CEA202CA1E4D8C4DE4E4
Requests: 128 HTTP requests in this frame

Frame: https://westernunion.demdex.net/dest5.html?d_nsid=0
Frame ID: E8071094A73066ED51D05A1D9365F500
Requests: 1 HTTP requests in this frame

Frame: https://12972499.fls.doubleclick.net/activityi;dc_pre=CLvH1PCzw4UDFYtCHgIdAzoJ6w;src=12972499;type=brows0;cat=weste0;ord=9186263403066;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=;u3=;u4=;u6=;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9178321820za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin
Frame ID: 440FEE67B81C4D2BF9F456AF832E960E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1D1A9F7F0E1C8B09E85D5B5D38279618
Requests: 1 HTTP requests in this frame

Frame: https://12972499.fls.doubleclick.net/activityi;dc_pre=CJXz_PCzw4UDFWFeHgIdaPMCvg;src=12972499;type=brows0;cat=weste0;ord=7775214381791;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=ca;u3=en;u4=notloggedin;u6=;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9178321820za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin
Frame ID: 31F011847DC0C9E93D5407F371592A5A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIoFYnAAAAAHUjCFT2_gD5uDi1BmEnoBI1MvRi&co=aHR0cHM6Ly84LjQzLjgwLjM4OjQ0Mw..&hl=en&type=image&v=rz4DvU-cY2JYCwHSTck0_qm-&theme=light&size=invisible&badge=bottomright&cb=c35e9sjg3kp6
Frame ID: C8CE67C8252F80AAF54EBF21643E5610
Requests: 1 HTTP requests in this frame

Frame: https://wutest-app.quantummetric.com/?Q=4&rr=1713156122757
Frame ID: 76F4FE7CEFA9351BF99E66D5E696A846
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Western Union

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • audioeye\.com/ae\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.sift(?:science)?\.com/s\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

139
Requests

55 %
HTTPS

44 %
IPv6

30
Domains

41
Subdomains

41
IPs

4
Countries

3965 kB
Transfer

16286 kB
Size

35
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://westernunion.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1713156120950 HTTP 302
  • https://westernunion.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1713156120950
Request Chain 49
  • https://cm.everesttech.net/cm/dd?d_uuid=09705219477135892333030997209352037060 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZhywGQAAAMmydwOJ
Request Chain 65
  • https://8.43.80.38/ca/en/web/user/%3Cimg%20src=%22https://14167169.fls.doubleclick.net/activityi;src=14167169;type=invmedia;cat=weste000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6030024064357.828?%22%20width=%221%22%20height=%221%22%20frameborder=%220%22%20style=%22display:none%22%20alt=%22%22/%3E HTTP 308
  • https://8.43.80.38/ca/en/web/user/%3Cimg%20src=%22https:/14167169.fls.doubleclick.net/activityi;src=14167169;type=invmedia;cat=weste000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6030024064357.828?%22%20width=%221%22%20height=%221%22%20frameborder=%220%22%20style=%22display:none%22%20alt=%22%22/%3E HTTP 307
  • https://www.westernunion.com/404.html
Request Chain 69
  • https://12972499.fls.doubleclick.net/activityi;src=12972499;type=brows0;cat=weste0;ord=9186263403066;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=;u3=;u4=;u6=;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9178321820za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin HTTP 302
  • https://12972499.fls.doubleclick.net/activityi;dc_pre=CLvH1PCzw4UDFYtCHgIdAzoJ6w;src=12972499;type=brows0;cat=weste0;ord=9186263403066;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=;u3=;u4=;u6=;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9178321820za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin
Request Chain 94
  • https://12972499.fls.doubleclick.net/activityi;src=12972499;type=brows0;cat=weste0;ord=7775214381791;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=ca;u3=en;u4=notloggedin;u6=;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9178321820za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin HTTP 302
  • https://12972499.fls.doubleclick.net/activityi;dc_pre=CJXz_PCzw4UDFWFeHgIdaPMCvg;src=12972499;type=brows0;cat=weste0;ord=7775214381791;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=ca;u3=en;u4=notloggedin;u6=;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9178321820za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin
Request Chain 95
  • https://8.43.80.38/ca/en/web/user/%3Cimg%20src=%22https://14167169.fls.doubleclick.net/activityi;src=14167169;type=invmedia;cat=weste000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2301324321735.598?%22%20width=%221%22%20height=%221%22%20frameborder=%220%22%20style=%22display:none%22%20alt=%22%22/%3E HTTP 308
  • https://8.43.80.38/ca/en/web/user/%3Cimg%20src=%22https:/14167169.fls.doubleclick.net/activityi;src=14167169;type=invmedia;cat=weste000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=2301324321735.598?%22%20width=%221%22%20height=%221%22%20frameborder=%220%22%20style=%22display:none%22%20alt=%22%22/%3E HTTP 307
  • https://www.westernunion.com/404.html

139 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
8.43.80.38/ca/en/web/user/ 		2 MB
261 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Next.js
Resource Hash
a0aba9da52b8e369fa01078c3b7066538ac7e29648c6f90d593b44806acb27aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';script-src 'nonce-H13Gh0LSKI7AlPgeppGYCZoWs2VmdRfz+pIGKVkUF3g=' 'self' https://*.pubmatic.com https://tpc.googlesyndication.com https://3ds2-sandbox.ckotech.co https://api.sandbox.checkout.com https://pay.uae.uat.wu.com https://*.contentsquare.net https://*.contentsquare.com https://*.dapi.com https://*.contentsquare.net https://*.contentsquare.com https://pgt.cbuaepay.ae/ https://edge.adobedc.net https://secure.quantserve.com https://a.tribalfusion.com https://westernunion-gb.admo.tv https://adservice.google.com https://www.googletagservices.com https://*.googlesyndication.com https://securepubads.g.doubleclick.net https://bat.bing.com/ https://*.demdex.net https://dpm.demdex.net https://www.gstatic.com https://cdn.cookielaw.org http://jssdkcdn.mparticle.com http://jssdkcdns.mparticle.com https://cdn.evergage.com https://cdn.branch.io https://cdn.quantummetric.com http://cdn.quantummetric.com https://ws.audioeye.com/ae.js https://mpsnare.iesnare.com wss://mpsnare.iesnare.com https://wsv3cdn.audioeye.com https://assets.adobedtm.com https://cdn.amplitude.com https://maps.googleapis.com https://geolocation.onetrust.com http://*.westernunion.com/ https://*.westernunion.com/ https://*.qualtrics.com https://*.cardinalcommerce.com https://songbird.cardinalcommerce.com/edge/v1/songbird.js https://*.siteintercept.qualtrics.com https://*.arcot.com https://*.touch.tech https://*.rsa3dsauth.com https://*.mycardplace.com https://0eaf.cardinalcommerce.com https://1eaf.cardinalcommerce.com https://3d-secure.areeba.com https://3d-secure.olb.de https://3d-secure.pluscard.de https://3d-secure.six-group.com https://3d-secure1.sbanken.no https://3d-secure2.sbanken.no https://3debspay.boc.cn https://3ds-b.live.ext.prod.enfuce.com https://3ds-challenge.n26.com https://3ds-n2.nbg.gr https://3ds-n3.nbg.gr https://3ds-secure.cardcomplete.com https://3ds.abanca.com https://3ds.bancochile.cl:443 https://3ds.bov.com https://3ds.consorsfinanz.de https://3ds.egcp.com https://3ds.inteligo.pl https://3ds.kaspi.kz https://3ds.kombank.com:8447 https://3ds.kredobank.com.ua https://3ds.nexigroup.com https://3ds.oschadbank.ua https://3ds.pkobp.pl https://3ds.pl.ing.com https://3ds.qnb.com https://3ds.redsys.es https://3ds.rpc-raiffeisen.com https://3ds.seglan.com https://3ds.sia.eu https://3ds2-visasecure.acdcproc.com https://3dsec.cardcenter.ch https://3dsec.postfinance.ch https://3dsecure-2.wirecard.com https://3dsecure-prd2.monext.fr https://3dsecure-vrp.de https://3dsecure.bnpparibas.pl https://3dsecure.csas.cz https://3dsecure.ing.ro https://3dsecure.mbank.pl https://3dsecure.monext.fr https://3dsecure.nexi.it https://3dsecure.psa.at https://3dsecure.raiffeisen.al https://3dsecure.raiffeisenbank.rs https://3dsecure.rhb.com.my https://3dsecure.sgb.pl https://3dsecure.slsp.sk https://3dsecure.sumup.com https://3dsecure.tatrabanka.sk https://3dsecureA.sparda.de https://3dsecureB.sparda.de https://3dspayment.paylife.at https://6b0ad2e1-3ds.sibs.ro https://acs-trides2.asseco-see.hr https://acs.3ds-hanseaticbank.de https://acs.3dsecure.az https://acs.airplus.com https://acs.alfabank.kiev.ua https://acs.api.alignet.io https://acs.fssnet.co.in https://acs.gc.ge https://acs.kbcard.com https://acs.luminorgroup.com:443 https://acs.mashreq.com https://acs.mercurypaymentservices.it https://acs.netsgroup.com https://acs.paymaya.com https://acs.s2mgcc.com https://acs.sibs.pt https://acs.swisscard.ch https://acs.tbcbank.ge:443 https://acs.touch.tech https://acs.upc.ua https://acs1-3dsecure.cic.fr https://acs1-3dsecure.cm-cic.com https://acs1-3dsecure.creditmutuel.fr https://acs1-3dsecure.targobank.de https://acs1.3ds.modirum.com https://acs1.3dsecure.no https://acs1.edb.com https://acs1.luottokunta.fi https://acs1.mpts.modirum.com https://acs1.six-payment-services.com https://acs1.sparebank1.no https://acs1.swedbank.se https://acs1.viseca.ch https://acs2-3dsecure.cic.fr https://acs2-3dsecure.cm-cic.com https://acs2-3dsecure.creditmutuel.fr https://acs2-3dsecure.targobank.de https://acs2.3ds.modirum.com https://acs2.3dsecure.no https://acs2.a-bank.com.ua:443 https://acs2.arca.am https://acs2.bankofafrica.ma:443 https://acs2.edb.com https://acs2.estcard.ee https://acs2.kasikornbank.com https://acs2.luottokunta.fi https://acs2.mpts.modirum.com https://acs2.nedsecure.co.za https://acs2.rba.hr https://acs2.six-payment-services.com https://acs2.sparebank1.no https://acs2.swedbank.se https://acs2p.gpesecure.com https://acs3.3ds.modirum.com https://acs3.3dsecure.no https://acs3.edb.com https://acs3.sparebank1.no https://acs4.privatbank.ua https://acsabsa.bankserv.co.za https://acspa.petafuel.net https://acssbafrica.bankserv.co.za https://acssv.dskbank.bg https://acssv.otpbank.hu https://acsv2.centrum24.pl https://analytics.tiktok.com https://api.emv.acs.opentech.com https://aptopaysafe-vbv.mycardplace.com https://authentication-acs.marqeta.com https://authentication.cardinalcommerce.com https://authentication1.six-group.com https://authentication2.six-group.com https://bankieren.ideal.ing.nl https://belgium-3ds-bxl.wlp-acs.com https://belgium-3ds-vdm.wlp-acs.com https://betalen.rabobank.nl https://bezpecneplatby.rb.cz https://bfcoi-3ds-vdm.wlp-acs.com https://biztonsagikod.raiffeisen.hu https://bnpp-3ds-bxl.wlp-acs.com https://bnpp-3ds-vdm.wlp-acs.com https://boursorama-3ds-bxl.wlp-acs.com https://boursorama-3ds-vdm.wlp-acs.com https://bred-3ds-vdm.wlp-acs.com https://cacs-v2.icard.com https://cardsec.postfinance.ch https://cb2d09ce-3ds.sibs.ro https://checkout.trustly.com https://cimb-securee-pay.cimb.com https://clients.smartsecure.tsys.co.uk:443 https://credit-mutuel-3ds-vdm.wlp-acs.com https://crqsbiacs.sbi https://danskebank-3ds-bxl.wlp-acs.com https://danskebank-3ds-vdm.wlp-acs.com https://df0b7f32-3ds.sibs.ro https://diensten.asnbank.nl https://diensten.regiobank.nl https://diensten.snsbank.nl https://ecclients.btrl.ro https://emvacs.2c2p.com https://emvacs.bkm.com.tr https://esecure.sia.eu:443 https://family.ctbcbank.com https://forisau-vbv.mycardplace.com https://foriseu-vbv.mycardplace.com https://gateway2.tapngo.com.hk https://german-3ds-bxl.wlp-acs.com https://german-3ds-vdm.wlp-acs.com https://geschuetztkaufen1.commerzbank.de https://geschuetztkaufen2.commerzbank.de https://hsbc-3ds-bxl.wlp-acs.com https://hsbc-3ds-vdm.wlp-acs.com https://ideal.bunq.com https://ideal.ing.nl https://ideal.knab.nl https://ideal.triodos.nl https://ideal.vanlanschot.com https://ipay.bangkokbank.com https://labanquepostale-3ds-bxl.wlp-acs.com https://labanquepostale-3ds-vdm.wlp-acs.com https://luxembourg-3ds-bxl.wlp-acs.com https://luxembourg-3ds-vdm.wlp-acs.com https://lv-worldline-3ds-bxl.wlp-acs.com https://lv-worldline-3ds-vdm.wlp-acs.com https://mafrenchbank-3ds-vdm.wlp-acs.com https://mastercardidentitycheck.sparkassen-kreditkarten.de https://maybankcardsmsos.maybank.com.my https://mcconsumerv2.alahli.com https://mycardsecure.com https://natixispaymentsolutions-3ds-bxl.wlp-acs.com https://natixispaymentsolutions-3ds-vdm.wlp-acs.com https://neo-msc.mycardplace.com https://online.citadele.lv https://op-bxl.wlp-acs.com https://op-vdm.wlp-acs.com https://paas2.s2mgcc.com https://paiement1.secure.lcl.fr https://paiement2.secure.lcl.fr https://pay.eewosecure.com https://paymentauthenticationchallenge.apac.citibank.com https://paymentauthenticationchallenge2.apac.citibank.com https://paysecure2.bmci.ma https://pca3ds.gbp.ma:4443 https://postbank-3ds-bxl.wlp-acs.com https://postbank-3ds-vdm.wlp-acs.com https://ps4acs.netcetera-payment.ch https://secure-acs2ui-b1-indblr-blrtdc.wibmo.com https://secure-acs2ui-b1-indmum-mumrdc.wibmo.com https://secure.3ds.bonuscard.ch https://secure.3ds.cornercard.ch https://secure.dkb.de https://secure2.arcot.com https://secure4.arcot.com https://secure5.arcot.com https://secure7.arcot.com https://securepayment1.reisebank.de https://securepayment2.reisebank.de https://sg-3ds-bxl.wlp-acs.com https://sg-3ds-vdm.wlp-acs.com https://sgba-3ds-vdm.wlp-acs.com https://sicher-bezahlen.sparkasse.at https://ssl-prd-u7f-fo-acs-pa-casa-bxl.wlp-acs.com https://threedomainsecure.pekao24.pl https://tsys.arcot.com https://txn.apac.paywithpoli.com https://verify.monzo.com https://visa-secure-bxl.ing.de https://visa-secure-vdm.ing.de https://visasecure.sparkassen-kreditkarten.de https://visasecure1.comdirect.de https://visasecure1.consorsbank.de https://visasecure2.comdirect.de https://visasecure2.consorsbank.de https://wirexeu-msc.mycardplace.com https://www.abnamro.nl https://www.bankmillennium.pl https://www.centrum24.pl https://www.europabank.be https://www.ipko.pl https://www.mepsfpx.com.my https://www.rsa3dsauth.co.uk https://www.rsa3dsauth.com https://www.secure22gw.ro https://www.secure2gw.ro https://www.secure5gw.ro https://www.sofort.com https://www.zaba.hr https://*.jumio.ai https://westdemo.web.amer-1.jumio.ai https://uat.idmission.com https://kyc.idmission.com https://demo.idmission.com/apps/invokeApps https://demo.idmission.com https://api.myinfo.gov.sg https://test.api.myinfo.gov.sg https://app.referralsaasquatch.com https://fast.ssqt.io/* http://ssqt.co https://*.khipu.com https://js.khipu.com https://simpleui-au.vixverify.com https://simpleui-test-au.vixverify.com https://sydney.idscan.cloud https://au.vixverify.com https://test-au.vixverify.com https://prodoz.idscan.cloud https://hosted.mastersoftgroup.com/harmony/ https://auth.idmission.com https://websdk-cdn-dev.idmission.com https://cdn.jsdelivr.net https://storage.googleapis.com https://api.idmission.com https://portal-api.idmission.com 'strict-dynamic' 'unsafe-eval';
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
public, s-maxage=86400, immutable
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 15 Apr 2024 04:41:59 GMT
ETag
"f97eznpfe4110yy"
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-Powered-By
Next.js
access-control-max-age
86400
cache-control-max-age
86400
content-security-policy
frame-ancestors 'self';script-src 'nonce-H13Gh0LSKI7AlPgeppGYCZoWs2VmdRfz+pIGKVkUF3g=' 'self' https://*.pubmatic.com https://tpc.googlesyndication.com https://3ds2-sandbox.ckotech.co https://api.sandbox.checkout.com https://pay.uae.uat.wu.com https://*.contentsquare.net https://*.contentsquare.com https://*.dapi.com https://*.contentsquare.net https://*.contentsquare.com https://pgt.cbuaepay.ae/ https://edge.adobedc.net https://secure.quantserve.com https://a.tribalfusion.com https://westernunion-gb.admo.tv https://adservice.google.com https://www.googletagservices.com https://*.googlesyndication.com https://securepubads.g.doubleclick.net https://bat.bing.com/ https://*.demdex.net https://dpm.demdex.net https://www.gstatic.com https://cdn.cookielaw.org http://jssdkcdn.mparticle.com http://jssdkcdns.mparticle.com https://cdn.evergage.com https://cdn.branch.io https://cdn.quantummetric.com http://cdn.quantummetric.com https://ws.audioeye.com/ae.js https://mpsnare.iesnare.com wss://mpsnare.iesnare.com https://wsv3cdn.audioeye.com https://assets.adobedtm.com https://cdn.amplitude.com https://maps.googleapis.com https://geolocation.onetrust.com http://*.westernunion.com/ https://*.westernunion.com/ https://*.qualtrics.com https://*.cardinalcommerce.com https://songbird.cardinalcommerce.com/edge/v1/songbird.js https://*.siteintercept.qualtrics.com https://*.arcot.com https://*.touch.tech https://*.rsa3dsauth.com https://*.mycardplace.com https://0eaf.cardinalcommerce.com https://1eaf.cardinalcommerce.com https://3d-secure.areeba.com https://3d-secure.olb.de https://3d-secure.pluscard.de https://3d-secure.six-group.com https://3d-secure1.sbanken.no https://3d-secure2.sbanken.no https://3debspay.boc.cn https://3ds-b.live.ext.prod.enfuce.com https://3ds-challenge.n26.com https://3ds-n2.nbg.gr https://3ds-n3.nbg.gr https://3ds-secure.cardcomplete.com https://3ds.abanca.com https://3ds.bancochile.cl:443 https://3ds.bov.com https://3ds.consorsfinanz.de https://3ds.egcp.com https://3ds.inteligo.pl https://3ds.kaspi.kz https://3ds.kombank.com:8447 https://3ds.kredobank.com.ua https://3ds.nexigroup.com https://3ds.oschadbank.ua https://3ds.pkobp.pl https://3ds.pl.ing.com https://3ds.qnb.com https://3ds.redsys.es https://3ds.rpc-raiffeisen.com https://3ds.seglan.com https://3ds.sia.eu https://3ds2-visasecure.acdcproc.com https://3dsec.cardcenter.ch https://3dsec.postfinance.ch https://3dsecure-2.wirecard.com https://3dsecure-prd2.monext.fr https://3dsecure-vrp.de https://3dsecure.bnpparibas.pl https://3dsecure.csas.cz https://3dsecure.ing.ro https://3dsecure.mbank.pl https://3dsecure.monext.fr https://3dsecure.nexi.it https://3dsecure.psa.at https://3dsecure.raiffeisen.al https://3dsecure.raiffeisenbank.rs https://3dsecure.rhb.com.my https://3dsecure.sgb.pl https://3dsecure.slsp.sk https://3dsecure.sumup.com https://3dsecure.tatrabanka.sk https://3dsecureA.sparda.de https://3dsecureB.sparda.de https://3dspayment.paylife.at https://6b0ad2e1-3ds.sibs.ro https://acs-trides2.asseco-see.hr https://acs.3ds-hanseaticbank.de https://acs.3dsecure.az https://acs.airplus.com https://acs.alfabank.kiev.ua https://acs.api.alignet.io https://acs.fssnet.co.in https://acs.gc.ge https://acs.kbcard.com https://acs.luminorgroup.com:443 https://acs.mashreq.com https://acs.mercurypaymentservices.it https://acs.netsgroup.com https://acs.paymaya.com https://acs.s2mgcc.com https://acs.sibs.pt https://acs.swisscard.ch https://acs.tbcbank.ge:443 https://acs.touch.tech https://acs.upc.ua https://acs1-3dsecure.cic.fr https://acs1-3dsecure.cm-cic.com https://acs1-3dsecure.creditmutuel.fr https://acs1-3dsecure.targobank.de https://acs1.3ds.modirum.com https://acs1.3dsecure.no https://acs1.edb.com https://acs1.luottokunta.fi https://acs1.mpts.modirum.com https://acs1.six-payment-services.com https://acs1.sparebank1.no https://acs1.swedbank.se https://acs1.viseca.ch https://acs2-3dsecure.cic.fr https://acs2-3dsecure.cm-cic.com https://acs2-3dsecure.creditmutuel.fr https://acs2-3dsecure.targobank.de https://acs2.3ds.modirum.com https://acs2.3dsecure.no https://acs2.a-bank.com.ua:443 https://acs2.arca.am https://acs2.bankofafrica.ma:443 https://acs2.edb.com https://acs2.estcard.ee https://acs2.kasikornbank.com https://acs2.luottokunta.fi https://acs2.mpts.modirum.com https://acs2.nedsecure.co.za https://acs2.rba.hr https://acs2.six-payment-services.com https://acs2.sparebank1.no https://acs2.swedbank.se https://acs2p.gpesecure.com https://acs3.3ds.modirum.com https://acs3.3dsecure.no https://acs3.edb.com https://acs3.sparebank1.no https://acs4.privatbank.ua https://acsabsa.bankserv.co.za https://acspa.petafuel.net https://acssbafrica.bankserv.co.za https://acssv.dskbank.bg https://acssv.otpbank.hu https://acsv2.centrum24.pl https://analytics.tiktok.com https://api.emv.acs.opentech.com https://aptopaysafe-vbv.mycardplace.com https://authentication-acs.marqeta.com https://authentication.cardinalcommerce.com https://authentication1.six-group.com https://authentication2.six-group.com https://bankieren.ideal.ing.nl https://belgium-3ds-bxl.wlp-acs.com https://belgium-3ds-vdm.wlp-acs.com https://betalen.rabobank.nl https://bezpecneplatby.rb.cz https://bfcoi-3ds-vdm.wlp-acs.com https://biztonsagikod.raiffeisen.hu https://bnpp-3ds-bxl.wlp-acs.com https://bnpp-3ds-vdm.wlp-acs.com https://boursorama-3ds-bxl.wlp-acs.com https://boursorama-3ds-vdm.wlp-acs.com https://bred-3ds-vdm.wlp-acs.com https://cacs-v2.icard.com https://cardsec.postfinance.ch https://cb2d09ce-3ds.sibs.ro https://checkout.trustly.com https://cimb-securee-pay.cimb.com https://clients.smartsecure.tsys.co.uk:443 https://credit-mutuel-3ds-vdm.wlp-acs.com https://crqsbiacs.sbi https://danskebank-3ds-bxl.wlp-acs.com https://danskebank-3ds-vdm.wlp-acs.com https://df0b7f32-3ds.sibs.ro https://diensten.asnbank.nl https://diensten.regiobank.nl https://diensten.snsbank.nl https://ecclients.btrl.ro https://emvacs.2c2p.com https://emvacs.bkm.com.tr https://esecure.sia.eu:443 https://family.ctbcbank.com https://forisau-vbv.mycardplace.com https://foriseu-vbv.mycardplace.com https://gateway2.tapngo.com.hk https://german-3ds-bxl.wlp-acs.com https://german-3ds-vdm.wlp-acs.com https://geschuetztkaufen1.commerzbank.de https://geschuetztkaufen2.commerzbank.de https://hsbc-3ds-bxl.wlp-acs.com https://hsbc-3ds-vdm.wlp-acs.com https://ideal.bunq.com https://ideal.ing.nl https://ideal.knab.nl https://ideal.triodos.nl https://ideal.vanlanschot.com https://ipay.bangkokbank.com https://labanquepostale-3ds-bxl.wlp-acs.com https://labanquepostale-3ds-vdm.wlp-acs.com https://luxembourg-3ds-bxl.wlp-acs.com https://luxembourg-3ds-vdm.wlp-acs.com https://lv-worldline-3ds-bxl.wlp-acs.com https://lv-worldline-3ds-vdm.wlp-acs.com https://mafrenchbank-3ds-vdm.wlp-acs.com https://mastercardidentitycheck.sparkassen-kreditkarten.de https://maybankcardsmsos.maybank.com.my https://mcconsumerv2.alahli.com https://mycardsecure.com https://natixispaymentsolutions-3ds-bxl.wlp-acs.com https://natixispaymentsolutions-3ds-vdm.wlp-acs.com https://neo-msc.mycardplace.com https://online.citadele.lv https://op-bxl.wlp-acs.com https://op-vdm.wlp-acs.com https://paas2.s2mgcc.com https://paiement1.secure.lcl.fr https://paiement2.secure.lcl.fr https://pay.eewosecure.com https://paymentauthenticationchallenge.apac.citibank.com https://paymentauthenticationchallenge2.apac.citibank.com https://paysecure2.bmci.ma https://pca3ds.gbp.ma:4443 https://postbank-3ds-bxl.wlp-acs.com https://postbank-3ds-vdm.wlp-acs.com https://ps4acs.netcetera-payment.ch https://secure-acs2ui-b1-indblr-blrtdc.wibmo.com https://secure-acs2ui-b1-indmum-mumrdc.wibmo.com https://secure.3ds.bonuscard.ch https://secure.3ds.cornercard.ch https://secure.dkb.de https://secure2.arcot.com https://secure4.arcot.com https://secure5.arcot.com https://secure7.arcot.com https://securepayment1.reisebank.de https://securepayment2.reisebank.de https://sg-3ds-bxl.wlp-acs.com https://sg-3ds-vdm.wlp-acs.com https://sgba-3ds-vdm.wlp-acs.com https://sicher-bezahlen.sparkasse.at https://ssl-prd-u7f-fo-acs-pa-casa-bxl.wlp-acs.com https://threedomainsecure.pekao24.pl https://tsys.arcot.com https://txn.apac.paywithpoli.com https://verify.monzo.com https://visa-secure-bxl.ing.de https://visa-secure-vdm.ing.de https://visasecure.sparkassen-kreditkarten.de https://visasecure1.comdirect.de https://visasecure1.consorsbank.de https://visasecure2.comdirect.de https://visasecure2.consorsbank.de https://wirexeu-msc.mycardplace.com https://www.abnamro.nl https://www.bankmillennium.pl https://www.centrum24.pl https://www.europabank.be https://www.ipko.pl https://www.mepsfpx.com.my https://www.rsa3dsauth.co.uk https://www.rsa3dsauth.com https://www.secure22gw.ro https://www.secure2gw.ro https://www.secure5gw.ro https://www.sofort.com https://www.zaba.hr https://*.jumio.ai https://westdemo.web.amer-1.jumio.ai https://uat.idmission.com https://kyc.idmission.com https://demo.idmission.com/apps/invokeApps https://demo.idmission.com https://api.myinfo.gov.sg https://test.api.myinfo.gov.sg https://app.referralsaasquatch.com https://fast.ssqt.io/* http://ssqt.co https://*.khipu.com https://js.khipu.com https://simpleui-au.vixverify.com https://simpleui-test-au.vixverify.com https://sydney.idscan.cloud https://au.vixverify.com https://test-au.vixverify.com https://prodoz.idscan.cloud https://hosted.mastersoftgroup.com/harmony/ https://auth.idmission.com https://websdk-cdn-dev.idmission.com https://cdn.jsdelivr.net https://storage.googleapis.com https://api.idmission.com https://portal-api.idmission.com 'strict-dynamic' 'unsafe-eval';
wu-csp-nonce
H13Gh0LSKI7AlPgeppGYCZoWs2VmdRfz+pIGKVkUF3g=
globals.css
8.43.80.38/exp-static-assets/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-static-assets/globals.css
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
ab67beed7e00d9138cbcf786f2e4efffeacc584e3763101827f67ee589d0567e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:41:59 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:23:48 GMT
X-Powered-By
Express
ETag
W/"2912-18ec487f420"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
b431a148a3b17054.css
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/ 		481 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/b431a148a3b17054.css
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
0c2b9d4d0fbccc0ba65b71f3f5c958dc6e6486afb7a45fe4fe1ff1f09efd34fa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:41:59 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"78243-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
0093dfc35a2beb44.css
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/ 		41 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/0093dfc35a2beb44.css
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
eaa59773025b698c2a2b1d249e0d0824c1dc58f912475bec23d7a7ea70d372f8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:41:59 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"a4f7-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
bb0b3381d0aebbe6.css
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/bb0b3381d0aebbe6.css
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
5f7f1559e7b5afa461d0362f3c4341efe0caed94b12db49ebc2765a9f18ed58b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:41:59 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"1086-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
webpack-5d4806e5f0c97502.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/webpack-5d4806e5f0c97502.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
bb749d5e339e1e7bdfc6c56f956dffba83ba99d6825d6bf7816c622238ecab9d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:41:59 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"28f2-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
framework-4e8a62f770b19b63.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		207 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/framework-4e8a62f770b19b63.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
4fdf28314853fd8d26f3f47630675627065b33d3ae41ab4c648bb81f71142eee
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:41:59 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"33b5e-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
main-77ec44a651c96025.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		128 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
ad86fb1e7c6f08f6366eeb2f2a973673b0433a1cd66fee4923eaa29fee3d729f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:41:59 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"200b7-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
_app-b77325822c078ba8.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/_app-b77325822c078ba8.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
6e580e81fe25b4b2220f909df05ec7cd342cb5dbed8082dc0ae25c25ba3a4068
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:41:59 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"84c657-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
4410-4893d05349d64bae.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/4410-4893d05349d64bae.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
ea13a2f47c99087dec4d5183513c3081f3d22b9f2f5547f17aab997f532893b8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:41:59 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"1c93-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
8635-fba1fea46c5aeb67.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		75 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/8635-fba1fea46c5aeb67.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
ff5a774c9a9a5b8f1d287a578f136cc35f2f4ea256842908e42692ff0b11311f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"12d0f-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
login-8388b0722310edf7.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/user/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/user/login-8388b0722310edf7.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
a61c5e23197b23151b277fb52588e7c5dc2d9ece10e9b721e3acd01d2f7570a4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"afb1-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
_buildManifest.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/mD31PWHkLDWAoJ89K1kjV/ 		69 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/mD31PWHkLDWAoJ89K1kjV/_buildManifest.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
339c311696518bbb0d044e9dd105fc4d9a256828c66880dd1397a8f59ce67d2c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"1148c-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
_ssgManifest.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/mD31PWHkLDWAoJ89K1kjV/ 		77 B
512 B 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/mD31PWHkLDWAoJ89K1kjV/_ssgManifest.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"4d-18ec4a046b0"
X-Frame-Options
SAMEORIGIN
access-control-max-age
86400
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77
logo-big.svg
8.43.80.38/exp-static-assets/svg-icons/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8.43.80.38/exp-static-assets/svg-icons/logo-big.svg
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
fec64419d338779fb8f45a0c2a925e2e644109e75059e128d98301d14ea9864b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:23:49 GMT
X-Powered-By
Express
ETag
W/"e68-18ec487f808"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
logo-small.svg
8.43.80.38/exp-static-assets/svg-icons/ 		449 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8.43.80.38/exp-static-assets/svg-icons/logo-small.svg
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
ff8e9663d74c9eb3e27f9aad666b360449fa6fde945c9bdf5a3510d4e15a846e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Last-Modified
Tue, 09 Apr 2024 20:23:49 GMT
X-Powered-By
Express
ETag
W/"1c1-18ec487f808"
X-Frame-Options
SAMEORIGIN
access-control-max-age
86400
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
449
icon-sm-facebook.svg
8.43.80.38/exp-static-assets/svg-icons/social-icon-svgs/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8.43.80.38/exp-static-assets/svg-icons/social-icon-svgs/icon-sm-facebook.svg
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
fe8ccb3fd712e6a9594fab7b1de692bb0dfa7857e4b330bb7a67faea755b2f8c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Last-Modified
Tue, 09 Apr 2024 20:23:49 GMT
X-Powered-By
Express
ETag
W/"277-18ec487f808"
X-Frame-Options
SAMEORIGIN
access-control-max-age
86400
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
631
icon-sm-youtube.svg
8.43.80.38/exp-static-assets/svg-icons/social-icon-svgs/ 		1001 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8.43.80.38/exp-static-assets/svg-icons/social-icon-svgs/icon-sm-youtube.svg
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
19899ddabb8f22569bfaebded111382a4f889f56339fb8b04d0c68416f4bb197
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Last-Modified
Tue, 09 Apr 2024 20:23:49 GMT
X-Powered-By
Express
ETag
W/"3e9-18ec487f808"
X-Frame-Options
SAMEORIGIN
access-control-max-age
86400
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1001
icon-sm-instagram.svg
8.43.80.38/exp-static-assets/svg-icons/social-icon-svgs/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8.43.80.38/exp-static-assets/svg-icons/social-icon-svgs/icon-sm-instagram.svg
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
fc90e6ed9b1462aadfe1a9d3150d3c07921930ea8276f4fa1a484913df002d44
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:23:49 GMT
X-Powered-By
Express
ETag
W/"909-18ec487f808"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
icon-sm-twitter.svg
8.43.80.38/exp-static-assets/svg-icons/social-icon-svgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8.43.80.38/exp-static-assets/svg-icons/social-icon-svgs/icon-sm-twitter.svg
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
e2d9c8180f77127bccc0ea42fe06e0d880414ca38ff2204a5b64e5a4bb5cbbe8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:23:49 GMT
X-Powered-By
Express
ETag
W/"4ba-18ec487f808"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
logo-text.svg
8.43.80.38/exp-static-assets/svg-icons/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8.43.80.38/exp-static-assets/svg-icons/logo-text.svg
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
910c61ad5012c15c0c0158c4cf4469cfd65c338f7032b7dc8d8ca33d7e60b29a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:23:49 GMT
X-Powered-By
Express
ETag
W/"e05-18ec487f808"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
util_240409-070000-215d5c3879_24.03.5.1.js
8.43.80.38/exp-static-assets/vendor/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-static-assets/vendor/util_240409-070000-215d5c3879_24.03.5.1.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
257b06b3cf071ced8eb3407213054b7bc7844dca7662ecfed636f344f2ca1bcf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:23:49 GMT
X-Powered-By
Express
ETag
W/"7abf-18ec487f808"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
outage-configuration.js
8.43.80.38/content/wucom/outage-banner/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/content/wucom/outage-banner/outage-configuration.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
Content-Security-Policy
default-src 'none'
X-Content-Type-Options
nosniff
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Connection
keep-alive
Content-Length
190
outage-banner-logic-r4.js
8.43.80.38/content/wucom/outage-banner/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/content/wucom/outage-banner/outage-banner-logic-r4.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
Content-Security-Policy
default-src 'none'
X-Content-Type-Options
nosniff
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Connection
keep-alive
Content-Length
192
Roboto-Regular.ttf
8.43.80.38/exp-static-assets/fonts/roboto/ 		168 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-static-assets/fonts/roboto/Roboto-Regular.ttf
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-static-assets/globals.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/exp-static-assets/globals.css
Origin
https://8.43.80.38
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:23:48 GMT
X-Powered-By
Express
ETag
W/"29e9c-18ec487f420"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
font/ttf
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
PPRightGrotesk-WideMedium.ttf
8.43.80.38/exp-static-assets/fonts/pprightgrotesk/ 		131 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-static-assets/fonts/pprightgrotesk/PPRightGrotesk-WideMedium.ttf
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-static-assets/globals.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
0a187915d115d0a02f7805de98394a704d92f73ce761fd72c7fc2c5e1f940379
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/exp-static-assets/globals.css
Origin
https://8.43.80.38
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:00 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:23:48 GMT
X-Powered-By
Express
ETag
W/"20ca0-18ec487f420"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
font/ttf
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
launch-4547d5af58c0.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/ 		706 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-static-assets/vendor/util_240409-070000-215d5c3879_24.03.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c3515e31c3fd9db9136263199a6277079be29d1f9fe1f0ada17dc74e861c8362

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:00 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:12 GMT
server
AkamaiNetStorage
etag
"13d25c11204cf48daa25108521ca5830:1712935092.441759"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
144271
expires
Mon, 15 Apr 2024 05:42:00 GMT
evergage.min.js
cdn.evergage.com/beacon/westernunion/ca_uat_web_responsive/scripts/ 		347 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.evergage.com/beacon/westernunion/ca_uat_web_responsive/scripts/evergage.min.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-static-assets/vendor/util_240409-070000-215d5c3879_24.03.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a05b5453afedc2aa67051cbefb9994a6043231220a82e505dc1b5867f6f101c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
iFL_FqUTPGV_9lEXvHM.7dVtc8H5YjXw
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 15 Apr 2024 04:42:00 GMT
x-amz-request-id
N0HZRPW1HF1M7D6B
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
x-amz-replication-status
COMPLETED
content-length
112442
x-amz-id-2
W/rSmyBPVslfnOM0vSKAVVtCkqr8ilnldQ8yfVoPBvbuuISNGbU+Sln9XwW/DrLVR9T7FCr+Ofc=
x-served-by
cache-iad-kcgs7200086-IAD, cache-fra-eddf8230056-FRA
x-amz-meta-evergage-sum
2d06b1da371d97234201d5f192422684ce33d4d4
last-modified
Mon, 08 Apr 2024 17:21:47 GMT
server
AmazonS3
x-timer
S1713156120.321777,VS0,VE109
etag
"9025196c90d465bbc2ef38d3fa6b679f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-evergage-beacon-ver
14
x-cache-hits
8, 0
quantum-wutest.js
cdn.quantummetric.com/qscripts/ 		329 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-static-assets/vendor/util_240409-070000-215d5c3879_24.03.5.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
673705a57a02153606a907a7b7fa0f180bfec9375eb52b787be6b0a60ec13c65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options no-sniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
no-sniff
cf-cache-status
EXPIRED
content-encoding
br
server
cloudflare
etag
W/"171268847580817125957944131713081602018"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
x-robots-tag
noindex
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=86400
cf-ray
87494437ffa818d8-FRA
ae.js
ws.audioeye.com/ 		1 KB
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.audioeye.com/ae.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-static-assets/vendor/util_240409-070000-215d5c3879_24.03.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ddebf765baaa81a520ac900a5d62c1261bbbe55ec697354f68c989f1564f70

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:00 GMT
content-encoding
br
surrogate-keys
cf-cache-status
HIT
server
cloudflare
age
77
etag
W/"64be54646eaee1d2b22b083dcc7fe2e0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=120
cf-ray
874944381ff22c4f-FRA
songbird.js
songbirdstag.cardinalcommerce.com/edge/v1/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbirdstag.cardinalcommerce.com/edge/v1/songbird.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-static-assets/vendor/util_240409-070000-215d5c3879_24.03.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bc8d2ab3fcba4ad61c8394c02055d5b69c12eaf380c263b3f7f4ed08597360
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1701
cf-polished
origSize=4950
cf-bgj
minify
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
W/"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5L%2F8%2Ffc8EUnofIAyhAlnk0wA8zgltAsYCgY56o0q8vH2Cjq5gaGmzcTdOTc6JbIG7WBkr4jOHL5uZe%2FJOoCcjHkitUBJx00BWzY1waiLany0JToMAhgOUXo0H01docdSkW4XsDXmSUEBGYu9n0XI1kfDgXqhzDpoaT9lyvysA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
874944380c763813-FRA
expires
Mon, 15 Apr 2024 08:42:00 GMT
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-d3c3f9d925e81f44bfa4b45141e08492/ 		175 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-d3c3f9d925e81f44bfa4b45141e08492/mparticle.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-static-assets/vendor/util_240409-070000-215d5c3879_24.03.5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9e817ad5553c9b855980839e95d34a98b0d04c0b9da9b8aac18f10b1a3c10cd1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000021-IAD, cache-fra-eddf8230064-FRA
date
Mon, 15 Apr 2024 04:42:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
43
x-timer
S1713156120.320888,VS0,VE1
x-origin-name
fastlyshield--shield_ssl_cache_iad_kiad7000021_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
45322
x-cache-hits
28, 1
branch-latest.min.js
cdn.branch.io/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-59.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JdSJSDd4bnNFPjlwdZ2RC7ixUU_rrhPQ
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
date
Mon, 15 Apr 2024 04:40:58 GMT
last-modified
Wed, 10 Apr 2024 21:44:10 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
93
etag
"f4ec9657a3dc111d088e2eca7b9796a4"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
content-length
23431
x-amz-cf-id
N4i1YGRt6B5JCfdgBwrhtTA32v933CF1z2XYTh00rnQIBPqxpL3z4Q==
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://8.43.80.38
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
2585
date
Mon, 15 Apr 2024 04:42:00 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
954
x-fastly-trace-id
1055503343
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230123-FRA
x-timer
S1713156120.377930,VS0,VE0
identify
identity.mparticle.com/v1/ 		223 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-d3c3f9d925e81f44bfa4b45141e08492/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c296b44d3a18bbc7103ac9eb06250d36356dc016b0bad4a2cc97d006eb40e83c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
x-mp-key
us1-d3c3f9d925e81f44bfa4b45141e08492
Referer
https://8.43.80.38/
sec-ch-ua-platform
"Win32"

Response headers

x-mp-trace-id
661cb018db412b1ed97d082b452cc87a
date
Mon, 15 Apr 2024 04:42:00 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-fra-eddf8230123-FRA
server
Kestrel
x-timer
S1713156120.385031,VS0,VE114
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-MP-Max-Age
x-fastly-trace-id
1055503388
accept-ranges
bytes
x-cache-hits
0
bootstrap.js
wsv3cdn.audioeye.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/bootstrap.js?d=8.43.80.38&cb=226608b
Requested by
Host: ws.audioeye.com
URL: https://ws.audioeye.com/ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:277d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
cf-cache-status
MISS
server
cloudflare
cf-ray
874944387b67a01e-FRA
content-length
0
vary
Accept-Encoding
5.a960453caa80548c4a43.songbird.js
songbirdstag.cardinalcommerce.com/edge/v1/a960453caa80548c4a43/ 		388 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbirdstag.cardinalcommerce.com/edge/v1/a960453caa80548c4a43/5.a960453caa80548c4a43.songbird.js
Requested by
Host: songbirdstag.cardinalcommerce.com
URL: https://songbirdstag.cardinalcommerce.com/edge/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fbe342adbdff73a5b3ce23bc7cf241b9d68c05ce72979cd086f0dba5a817f26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Origin
https://8.43.80.38
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8rh1XuUeZJ9fKEatTXEEXA%2BJpfPwyUFw2lNgjiBxx1M5AiU2PqHuc8jZKRPzXZT29IBzO2VhHrcokZqaZVp43YmTWr%2Fh25DJ0D4xatWGn60COQ3TgqbsQVVUb%2F%2FhPC8AeUMslPmmwWVff3dsIYzm6OQxLS0%2BAEv5XS1mRoWgw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=15552000
cf-ray
874944386b2c9211-FRA
expires
Sat, 12 Oct 2024 04:42:00 GMT
_r
app.link/ 		91 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.85.0&branch_key=key_test_peb7TqvC8DB8xsaFaEATMbdnFxfzneuK&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:c00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef39442ab0343e9634a309c3869644e17bca185dfcd6a7cb949b0e862541de12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
server
openresty
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop
MUC50-P2
etag
W/"5b-wj2wi9OKMFvWXJyYC+neXArUTYI"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
x-amz-cf-id
Gz9_p4iMwc2FeMyXlB99PT1xaAaXLsCLIsvjjZdhQTrYog0Erlv0Cg==
twreceiver
westernunion.evergage.com/ 		46 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://westernunion.evergage.com/twreceiver?_r=222487&_ak=westernunion&_ds=ca_uat_web_responsive&.anonId=16ffe133617bb8fe&_anon=true&url=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin&title=Western%20Union&.pt=11&.bt=153&.pv=&.bv=14&.scv=2
Requested by
Host: cdn.evergage.com
URL: https://cdn.evergage.com/beacon/westernunion/ca_uat_web_responsive/scripts/evergage.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.124.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-124-59.compute-1.amazonaws.com
Software
/
Resource Hash
c4eba59ed4342c130bb5d6ebf9d415716996f9da8f0848fe32a51656170ccfcd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://8.43.80.38
date
Mon, 15 Apr 2024 04:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
timing-allow-origin
*
vary
accept-encoding
content-type
application/json;charset=UTF-8
events
jssdks.mparticle.com/v3/JS/us1-d3c3f9d925e81f44bfa4b45141e08492/ 		41 B
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-d3c3f9d925e81f44bfa4b45141e08492/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-d3c3f9d925e81f44bfa4b45141e08492/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a1a71fe53a8e24bc11d300d9bbff86b60c6ce34c4f667b9cf9cde2febbd34f4c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
text/plain;charset=UTF-8
Referer
https://8.43.80.38/
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230031-FRA
x-mp-trace-id
661cb0188e08bfb05d5f0246772111c4
date
Mon, 15 Apr 2024 04:42:00 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1713156121.543076,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
events
jssdks.mparticle.com/v3/JS/us1-d3c3f9d925e81f44bfa4b45141e08492/ 		41 B
162 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-d3c3f9d925e81f44bfa4b45141e08492/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-d3c3f9d925e81f44bfa4b45141e08492/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a1a71fe53a8e24bc11d300d9bbff86b60c6ce34c4f667b9cf9cde2febbd34f4c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
text/plain;charset=UTF-8
Referer
https://8.43.80.38/
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230031-FRA
x-mp-trace-id
661cb018199ecee05317f05d5e21cd6d
date
Mon, 15 Apr 2024 04:42:00 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1713156121.543022,VS0,VE7
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
events
jssdks.mparticle.com/v3/JS/us1-d3c3f9d925e81f44bfa4b45141e08492/ 		41 B
343 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-d3c3f9d925e81f44bfa4b45141e08492/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-d3c3f9d925e81f44bfa4b45141e08492/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a1a71fe53a8e24bc11d300d9bbff86b60c6ce34c4f667b9cf9cde2febbd34f4c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
text/plain;charset=UTF-8
Referer
https://8.43.80.38/
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230031-FRA
x-mp-trace-id
661cb018d5792896a6ae0c0b754a58fd
date
Mon, 15 Apr 2024 04:42:00 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1713156121.543005,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
open
api2.branch.io/v1/ 		310 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
0924703dedc11aba06b50618755d819568eda6df281858c56f999921f0398032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 15 Apr 2024 04:42:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
x-powered-by
Branch
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
f9b24c54-851c-41ef-9282-9385d93aa955-2024041504
content-length
310
x-amz-cf-id
zLq1vWN1M-JvD5-SSdBzOUvee_CIAU6j41nFgabxBqugnpFXgH2vVg==
pageview
api2.branch.io/v1/ 		29 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Branch
Resource Hash
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
x-powered-by
Branch
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
29
x-amz-cf-id
oGSF5AbtZ3bVYAyYsHlB5DNM0U2xcp-QijdfAS426EqoOdHclfJYig==
msreceiver
westernunion.evergage.com/ 		0
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westernunion.evergage.com/msreceiver?_r=867014&_ak=westernunion&_ds=ca_uat_web_responsive&.anonId=16ffe133617bb8fe&_anon=true&.cStat=%5B%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22DeW88%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22zPRly%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22lEvJf%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22ZNQ6D%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22x7pun%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%222aVsQ%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%2228mRW%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22G13Er%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22DZD6a%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22y5SWR%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22bHsdm%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22GmXuP%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22NIqqw%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22MUYLV%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22GtFuy%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22TboCJ%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22jlNtX%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22mrZaD%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22krhkx%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%224OBVe%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22xLwQm%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22obnox%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22mp2Gd%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22UZo5J%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22MNZnt%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22km3GU%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%226EpLn%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22lOER5%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22nucp1%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22BM8Qi%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22A6qPQ%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22KChfY%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22lSmmQ%22%2C%22stat%22%3A%22i%22%7D%5D%5D&.bv=14&.scv=2
Requested by
Host: cdn.evergage.com
URL: https://cdn.evergage.com/beacon/westernunion/ca_uat_web_responsive/scripts/evergage.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.124.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-124-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://8.43.80.38
date
Mon, 15 Apr 2024 04:42:00 GMT
x-content-type-options
nosniff
timing-allow-origin
*
rd
westernunion.demdex.net/id/
Redirect Chain
  • https://westernunion.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1713156120950
  • https://westernunion.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1713156120950
371 B
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westernunion.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1713156120950
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Server
54.170.203.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-203-21.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
64c0d1f4124db3585579dd821c985412711c55aa6b5a8fc203b9b8ced9c9325d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://8.43.80.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v060-03a0364c5.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 15 Apr 2024 04:42:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
oQgl1FOkR5U=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://8.43.80.38
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
311
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v060-0c10c489f.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Mon, 15 Apr 2024 04:42:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
i5lQzp6CRZA=
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://westernunion.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AACD3BC75245B4940A490D4D%40AdobeOrg&d_nsid=0&ts=1713156120950
access-control-allow-origin
https://8.43.80.38
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
EX40269c3fbe1840d9b449667f93e88c6a-libraryCode_source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/EX40269c3fbe1840d9b449667f93e88c6a-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1e17c0ec575a63de5f47ba8830a3862f3349bb604d1f4b583ae5a5f213bf09b6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:00 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
20117
expires
Mon, 15 Apr 2024 05:42:00 GMT
RC62ce7e8637544100b24e380c6652b310-source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		742 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/RC62ce7e8637544100b24e380c6652b310-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d5f803c89020a9e7ab3091e2ba6cdfbc21532a0fdedc0c2bc896bf57e6e19f6f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
336
expires
Mon, 15 Apr 2024 05:42:01 GMT
dest5.html
westernunion.demdex.net/ Frame E807 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://westernunion.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-167-98.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://8.43.80.38/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 15 Apr 2024 04:42:01 GMT
dcs
dcs-prod-irl1-1-v060-0e009dfae.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Tue, 9 Apr 2024 11:23:04 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
cz/Ux4YGRJg=
id
smetrics.westernunion.com/ 		48 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.westernunion.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AACD3BC75245B4940A490D4D%40AdobeOrg&mid=04780168465883515242433631261351065873&ts=1713156121094
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
32e60ce6e85f31bed4df39d1df1081fa463c360e643aeec9b1cedd42b06afd74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://8.43.80.38
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZhywGQAAAMmydwOJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=09705219477135892333030997209352037060
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZhywGQAAAMmydwOJ
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZhywGQAAAMmydwOJ
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Server
54.170.203.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-203-21.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://8.43.80.38/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v060-0682d7c8d.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 15 Apr 2024 04:42:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
3W2ZP590S9o=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZhywGQAAAMmydwOJ
Date
Mon, 15 Apr 2024 04:42:01 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s58358950843049
smetrics.westernunion.com/b/ss/westernunionnewglobal/1/JS-2.23.0-LDQM/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.westernunion.com/b/ss/westernunionnewglobal/1/JS-2.23.0-LDQM/s58358950843049?AQB=1&ndh=1&pf=1&t=15%2F3%2F2024%206%3A42%3A1%201%20-120&ts=1713156121&mid=04780168465883515242433631261351065873&aamlh=6&ce=UTF-8&g=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin&c.&getNewRepeat=3.0&.c&cc=USD&server=8.43.80.38&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c4=americas&v4=americas&c19=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin&c22=New&v32=04780168465883515242433631261351065873&v33=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin&v43=12%3A42%20AM%7CMonday&v54=New&v64=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F123.0.0.0%20Safari%2F537.36&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AACD3BC75245B4940A490D4D%40AdobeOrg&AQE=1
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 15 Apr 2024 04:42:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 16 Apr 2024 04:42:01 GMT
server
jag
etag
3678974757590433792-4618469034129402225
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 14 Apr 2024 04:42:01 GMT
RC0eb2039f953f49e984d46b9844edadcc-source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		298 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/RC0eb2039f953f49e984d46b9844edadcc-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
53673ab8f2befd49e330fc50edcee2903c2d85a7669c4ef94aebf1e1434a38a0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
182
expires
Mon, 15 Apr 2024 05:42:01 GMT
RC562cd52dbd6c41d5a4d4fb9f90de7ea6-source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		866 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/RC562cd52dbd6c41d5a4d4fb9f90de7ea6-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5d7837cb1aacfaea50def1ea0d6c004564b79286cd0972bd0ffd0765d5de7b6e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
498
expires
Mon, 15 Apr 2024 05:42:01 GMT
tv2track.js
collector-40051.us.tvsquared.com/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collector-40051.us.tvsquared.com/tv2track.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.8.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-218-8-61.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Feb 2024 15:46:47 GMT
Server
nginx
ETag
"65d377e7-2133"
Content-Type
application/javascript
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
8499
Expires
Mon, 15 Apr 2024 04:52:01 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 15 Apr 2024 04:42:00 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2D44EF189512457085F954BEC5C2F54B Ref B: FRAEDGE1111 Ref C: 2024-04-15T04:42:01Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b8ad518b32b5554c4186df68d94a8abcf4e42b0d373894111adbbf0f3f0166f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
content-encoding
br
x-cdn
fastly
etag
"833dcd107a8faac1e10e3251faf8ba31"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1903
RC9ab69233241a44d9a2f4a4ce92c708a9-source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		298 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/RC9ab69233241a44d9a2f4a4ce92c708a9-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
219946bdbe838453a6f415bbf286192b04d3221fa66e5abf2600176766b56b50

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
183
expires
Mon, 15 Apr 2024 05:42:01 GMT
main.4701fd00.js
s.pinimg.com/ct/lib/ 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.4701fd00.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
04869dd0aed2afc622054d94a65c3c5b49bbf44f71bb30609964166d4d679c49

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
content-encoding
br
x-cdn
fastly
etag
"de2c99f783d3217b95be1cda8849a9ad"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
19825
343048575.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/343048575.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 15 Apr 2024 04:42:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9EFE0799F6064D45AC9933703F43F5A1 Ref B: FRAEDGE1111 Ref C: 2024-04-15T04:42:01Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=343048575&tm=al001&Ver=2&mid=fda56b3a-1cdd-4a74-9c59-f4f3577bd908&sid=8022e400fae211eea285b974ab9dc63d&vid=8022cf10fae211ee879e1baedc1b9247&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Western%20Union&p=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin&r=&pt=1713156117745,,,,,0,1,1,1,291,96,291,1767,2242,1774,2553,,,,,&pn=0,0&evt=pageLoad&sv=1&rn=528445
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Apr 2024 04:42:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 445C64CC62B244ABA4DD63F2561DEE6D Ref B: FRAEDGE1111 Ref C: 2024-04-15T04:42:01Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
RCe71bc9c79bea4f40b02fd630e2cb1158-source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		78 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/RCe71bc9c79bea4f40b02fd630e2cb1158-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
89697b385e354cf8f4549262f639838b946c668021628dc51bdb83e8357bf6ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
9229
expires
Mon, 15 Apr 2024 05:42:01 GMT
amzn.js
c.amazon-adsystem.com/aat/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aat/amzn.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b68efccae861d874c91f6607e469061f716801e4b3849e0e2cde0dc1b60ee9a6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
fGR5t.K8YuwuyRXgWCvjBPJCcP7L_UJH
content-encoding
gzip
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront), 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
date
Sun, 14 Apr 2024 20:47:33 GMT
last-modified
Wed, 10 Apr 2024 18:20:54 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2, MUC50-P2
x-amz-server-side-encryption
AES256
etag
W/"3d13ef41aa477d7e1ec276886b9e0ec5"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
ptaoTT5EZP4HASx_Q7pfj9F7CiKjKMxKyo4Zg0hvYVOyDihr54bghA==
js
www.googletagmanager.com/gtag/ 		209 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-12972499
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9e5ef2d50873aa335885fb1cd6058749fbd4cc38d3ef95058d8d14e520d9134
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76840
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Apr 2024 04:42:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 Apr 2024 04:42:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2763, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
kV5eJSIkrEcjLSs78Fwekxv+RgzqrM4CHEWNMJkQT0/ysNd6vRvMNIGufBoW1D8QPn3LpvVm2fUvql6y8k9DkQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
insight.adsrvr.org/track/pxl/ 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=qbacbbc&ct=0:7o1dmrc&fmt=3
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
404.html
www.westernunion.com/
Redirect Chain
  • https://8.43.80.38/ca/en/web/user/%3Cimg%20src=%22https://14167169.fls.doubleclick.net/activityi;src=14167169;type=invmedia;cat=weste000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa...
  • https://8.43.80.38/ca/en/web/user/%3Cimg%20src=%22https:/14167169.fls.doubleclick.net/activityi;src=14167169;type=invmedia;cat=weste000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=...
  • https://www.westernunion.com/404.html
0
0
RC3db289dff7614d45824fafcdcca551b4-source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		875 B
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/RC3db289dff7614d45824fafcdcca551b4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d0989ea16866718f66395429e83f2227c717caa49058d28eed25d870d23936a3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
508
expires
Mon, 15 Apr 2024 05:42:01 GMT
1131643220187654
connect.facebook.net/signals/config/ 		431 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1131643220187654?v=2.9.153&r=stable&domain=8.43.80.38&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3970c9e877104265aa71a09d0b58accadf9f97a47e9634c4cf68be52ad25cd4d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 Apr 2024 04:42:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=63137, tp=-1, tpl=-1, uplat=315, ullat=0
pragma
public
x-fb-debug
ctU2wO3lXQzOZ0jcAFV1vU+tXk0/j/Rq8CEI3sN9p6in8aiZL5E2oz/7nsax6CyXcXQM2yGW0Zgy6c+alhu/mg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1026534010&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12972499
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb00afb3a406c3166e5b64bc72477efe5c2e60363c26c6dc0ddbc4805c1c978a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83721
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Apr 2024 04:42:01 GMT
activityi;dc_pre=CLvH1PCzw4UDFYtCHgIdAzoJ6w;src=12972499;type=brows0;cat=weste0;ord=9186263403066;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=;u...
12972499.fls.doubleclick.net/ Frame 440F
Redirect Chain
  • https://12972499.fls.doubleclick.net/activityi;src=12972499;type=brows0;cat=weste0;ord=9186263403066;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2...
  • https://12972499.fls.doubleclick.net/activityi;dc_pre=CLvH1PCzw4UDFYtCHgIdAzoJ6w;src=12972499;type=brows0;cat=weste0;ord=9186263403066;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12972499.fls.doubleclick.net/activityi;dc_pre=CLvH1PCzw4UDFYtCHgIdAzoJ6w;src=12972499;type=brows0;cat=weste0;ord=9186263403066;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=;u3=;u4=;u6=;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9178321820za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12972499
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://8.43.80.38/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
407
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Apr 2024 04:42:01 GMT
expires
Mon, 15 Apr 2024 04:42:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Apr 2024 04:42:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12972499.fls.doubleclick.net/activityi;dc_pre=CLvH1PCzw4UDFYtCHgIdAzoJ6w;src=12972499;type=brows0;cat=weste0;ord=9186263403066;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=;u3=;u4=;u6=;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9178321820za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
RC5a98169fb672441b893a5549dada3526-source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		844 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/RC5a98169fb672441b893a5549dada3526-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4ea304e6b4007048297160a154e41b3c023be1f3372918b1b011db1b336af3a7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:01 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
437
expires
Mon, 15 Apr 2024 05:42:01 GMT
one-trust.js
8.43.80.38/exp-static-assets/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-static-assets/vendor/one-trust.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
72e7491e1dc8a44ffde82aa362db649a01ba6e4f6c5b83e7f0d34556b0d9747b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:23:49 GMT
X-Powered-By
Express
ETag
W/"1737-18ec487f808"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
loader_only.js
8.43.80.38/exp-static-assets/vendor/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-static-assets/vendor/loader_only.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
4d89a2b85a8c5dc1a459daccb792e8ec99dbf61bbaa3a0e85a96a10b83883308
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:23:49 GMT
X-Powered-By
Express
ETag
W/"11bf-18ec487f808"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
v3
openfpcdn.io/fingerprintjs/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-11.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Origin
https://8.43.80.38
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 Apr 2024 03:30:38 GMT
via
1.1 a7322dae74179db004d6fbdc1e7dc03e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
4285
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
server
CloudFront
etag
W/"hurxpFJ1hzJm8rhSSUCMgpelT2E"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=634553, s-maxage=10345
x-amz-cf-id
gFGEGsc33W5Ez8fm1wwlTiOZgFSAx_q1mRuriSR_qiykvARgDhu90A==
api.js
www.google.com/recaptcha/ 		1 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/_app-b77325822c078ba8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c2c5154bf991fa2731344da66f42e9fc8dabbd037c96839c4eb11f0ac0d4f0f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 15 Apr 2024 04:42:02 GMT
webbeacon.js
8.43.80.38/exp-static-assets/vendor/ 		728 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-static-assets/vendor/webbeacon.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/user/login-8388b0722310edf7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
8798e1e2016ec9c6e5508729c81178fd8e0a1eeb18f5b7a457bf02512d8c6ce1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Last-Modified
Tue, 09 Apr 2024 20:23:49 GMT
X-Powered-By
Express
ETag
W/"2d8-18ec487f808"
X-Frame-Options
SAMEORIGIN
access-control-max-age
86400
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
728
s54056234430729
smetrics.westernunion.com/b/ss/westernunionnewglobal/1/JS-2.23.0-LDQM/ 		43 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.westernunion.com/b/ss/westernunionnewglobal/1/JS-2.23.0-LDQM/s54056234430729?AQB=1&ndh=1&pf=1&t=15%2F3%2F2024%206%3A42%3A2%201%20-120&ts=1713156122&mid=04780168465883515242433631261351065873&aamlh=6&ce=UTF-8&pageName=ca%3Aen%3Awebsite%3Alogin&g=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin&c.&getNewRepeat=3.0&.c&cc=USD&ch=login&server=8.43.80.38&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=ca&v1=ca&c2=en&v2=en&c3=website&v3=website&c4=americas&v4=americas&c5=nv&v5=nv&v6=main0.js&c7=notloggedin&v8=moneytransfer&c19=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin&c20=ca%3Aen%3Awebsite%3Alogin&c22=New&c26=responsive&c31=unverified&v32=04780168465883515242433631261351065873&v33=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin&v43=12%3A42%20AM%7CMonday&v45=ca%3Aen%3Awebsite%3Alogin&v54=New&v63=responsive&v64=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F123.0.0.0%20Safari%2F537.36&v70=unverified&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AACD3BC75245B4940A490D4D%40AdobeOrg&lrt=21&AQE=1
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 15 Apr 2024 04:42:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 16 Apr 2024 04:42:02 GMT
server
jag
etag
3678974758723846144-4618437408962448561
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 14 Apr 2024 04:42:02 GMT
RC662ee90af40e424090fd01ce6269474e-source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		298 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/RC662ee90af40e424090fd01ce6269474e-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b34c9f79ad56bfbe93d432f5207187ddebe9b539428607a3893404966a5aa995

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:02 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
185
expires
Mon, 15 Apr 2024 05:42:02 GMT
tv2track.php
collector-40051.us.tvsquared.com/ 		42 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector-40051.us.tvsquared.com/tv2track.php?action_name=Account%20Login%20%7C%20Western%20Union%20CA&idsite=TV-5490904581-1&rec=1&r=029264&h=6&m=42&s=2&url=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin&_id=4a5eff978128c090&_idts=1713156122&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=1951
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.8.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-218-8-61.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

P3p
CP='OTI DSP COR NID STP UNI OTPa OUR'
Date
Mon, 15 Apr 2024 04:42:02 GMT
Server
nginx
Connection
keep-alive
Request-Id
0f5558bc-c275-4677-b251-f9a3c0d3a5ce
Content-Length
42
Content-Type
image/gif
start-75937dfe4196520b.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/send-money/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/send-money/start-75937dfe4196520b.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"7290-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
8239-4888e18bbdaee30f.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/8239-4888e18bbdaee30f.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"2bac-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
track-transfer-116b3dbb28aeecd4.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/track-transfer-116b3dbb28aeecd4.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"83b1-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
2034-aa66c87d8c98990d.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/2034-aa66c87d8c98990d.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"128ee-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
1911-4c6967806114ccc3.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/1911-4c6967806114ccc3.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"11e7a-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
find-locations.html-0a821586dc5ae3ef.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/find-locations.html-0a821586dc5ae3ef.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"268-18ec4a046b0"
X-Frame-Options
SAMEORIGIN
access-control-max-age
86400
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
616
help-3baae8d2d3be726a.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/help-3baae8d2d3be726a.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"428-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
8905-b35692bac7f5fc4a.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/8905-b35692bac7f5fc4a.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"a33c-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
register-88d17ae0f0f21d83.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/user/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/user/register-88d17ae0f0f21d83.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"3939-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
/
www.facebook.com/tr/ Frame 1D1A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://8.43.80.38
Referer
https://8.43.80.38/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://8.43.80.38
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 15 Apr 2024 04:42:02 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2755, tp=-1, tpl=-1, uplat=0, ullat=0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 		501 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Origin
https://8.43.80.38
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 19:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205471
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 04:30:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Apr 2025 19:41:29 GMT
static_wdp.js
8.43.80.38/iojs/general5/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-static-assets/vendor/loader_only.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
Content-Security-Policy
default-src 'none'
X-Content-Type-Options
nosniff
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Connection
keep-alive
Content-Length
166
wdp.js
mpsnare.iesnare.com/general5/ 		42 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-static-assets/vendor/loader_only.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-39-4.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b33352bbefc8deccbbe5bb20f3b656438dd3e4092cf41a636c9daa32e40aab49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 15 Apr 2024 04:42:02 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
p3p
CP="NON DSP COR CURa"
Cache-Control
no-cache, private
Connection
keep-alive
Expires
0
dWdnY2Y6Ly84LjQzLjgwLjM4L3BuL3JhL2pyby9oZnJlL3lidHZh.gif
content-cdn.com/1323/ 		42 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content-cdn.com/1323/dWdnY2Y6Ly84LjQzLjgwLjM4L3BuL3JhL2pyby9oZnJlL3lidHZh.gif
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.21.2.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-2-28.compute-1.amazonaws.com
Software
envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
1
server
envoy
content-length
42
vary
Origin
content-type
image/gif
tv2track.php
collector-40051.us.tvsquared.com/ 		42 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector-40051.us.tvsquared.com/tv2track.php?action_name=Account%20Login%20%7C%20Western%20Union%20CA&idsite=TV-5490904581-1&rec=1&r=974849&h=6&m=42&s=2&url=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin&_id=4a5eff978128c090&_idts=1713156122&_idvc=0&_idn=0&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=1951
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.8.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-218-8-61.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

P3p
CP='OTI DSP COR NID STP UNI OTPa OUR'
Date
Mon, 15 Apr 2024 04:42:02 GMT
Server
nginx
Connection
keep-alive
Request-Id
fe72dd93-d217-4462-af3b-1fb6dcf2e29d
Content-Length
42
Content-Type
image/gif
activityi;dc_pre=CJXz_PCzw4UDFWFeHgIdaPMCvg;src=12972499;type=brows0;cat=weste0;ord=7775214381791;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=ca...
12972499.fls.doubleclick.net/ Frame 31F0
Redirect Chain
  • https://12972499.fls.doubleclick.net/activityi;src=12972499;type=brows0;cat=weste0;ord=7775214381791;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2...
  • https://12972499.fls.doubleclick.net/activityi;dc_pre=CJXz_PCzw4UDFWFeHgIdaPMCvg;src=12972499;type=brows0;cat=weste0;ord=7775214381791;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12972499.fls.doubleclick.net/activityi;dc_pre=CJXz_PCzw4UDFWFeHgIdaPMCvg;src=12972499;type=brows0;cat=weste0;ord=7775214381791;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=ca;u3=en;u4=notloggedin;u6=;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9178321820za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12972499
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://8.43.80.38/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
418
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Apr 2024 04:42:02 GMT
expires
Mon, 15 Apr 2024 04:42:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Apr 2024 04:42:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12972499.fls.doubleclick.net/activityi;dc_pre=CJXz_PCzw4UDFWFeHgIdaPMCvg;src=12972499;type=brows0;cat=weste0;ord=7775214381791;npa=1;auiddc=2119935193.1713156122;u1=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin;u2=ca;u3=en;u4=notloggedin;u6=;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9178321820za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2F8.43.80.38%2Fca%2Fen%2Fweb%2Fuser%2Flogin?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
404.html
www.westernunion.com/
Redirect Chain
  • https://8.43.80.38/ca/en/web/user/%3Cimg%20src=%22https://14167169.fls.doubleclick.net/activityi;src=14167169;type=invmedia;cat=weste000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa...
  • https://8.43.80.38/ca/en/web/user/%3Cimg%20src=%22https:/14167169.fls.doubleclick.net/activityi;src=14167169;type=invmedia;cat=weste000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=...
  • https://www.westernunion.com/404.html
0
0
RCd592a3eaa6f147d0bcae61046921c8f0-source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/RCd592a3eaa6f147d0bcae61046921c8f0-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9b1802b7a35571c0ef8c3d0ea62513b335d0aba58de66185f3b03edbcb79e991

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:02 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
2074
expires
Mon, 15 Apr 2024 05:42:02 GMT
0
bat.bing.com/actionp/ 		0
236 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/actionp/0?ti=343048575&tm=al001&Ver=2&mid=fda56b3a-1cdd-4a74-9c59-f4f3577bd908&sid=8022e400fae211eea285b974ab9dc63d&vid=8022cf10fae211ee879e1baedc1b9247&vids=1&msclkid=N&evt=dedup
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Apr 2024 04:42:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ACA371B9A87944F9BD873CF32C423421 Ref B: FRAEDGE1111 Ref C: 2024-04-15T04:42:02Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0093dfc35a2beb44.css
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/ 		41 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/0093dfc35a2beb44.css
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
eaa59773025b698c2a2b1d249e0d0824c1dc58f912475bec23d7a7ea70d372f8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"a4f7-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
bb0b3381d0aebbe6.css
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/bb0b3381d0aebbe6.css
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
5f7f1559e7b5afa461d0362f3c4341efe0caed94b12db49ebc2765a9f18ed58b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"1086-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
anchor
www.google.com/recaptcha/api2/ Frame C8CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIoFYnAAAAAHUjCFT2_gD5uDi1BmEnoBI1MvRi&co=aHR0cHM6Ly84LjQzLjgwLjM4OjQ0Mw..&hl=en&type=image&v=rz4DvU-cY2JYCwHSTck0_qm-&theme=light&size=invisible&badge=bottomright&cb=c35e9sjg3kp6
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/_app-b77325822c078ba8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-amq9gZ_G15oUwievXzmdIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://8.43.80.38/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-amq9gZ_G15oUwievXzmdIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 Apr 2024 04:42:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
logo.js
mpsnare.iesnare.com/5.7.0/ 		505 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mpsnare.iesnare.com/5.7.0/logo.js
Requested by
Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-39-4.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6fbc85b88b06d97a584204dcbb5aba1b876eba7c0c37f168856cbb51468cdc0d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 06 May 2014 00:01:40 GMT
Server
nginx
Accept-CH
Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
p3p
CP="NON DSP COR CURa"
Cache-Control
private
Connection
keep-alive
Expires
Tue, 15 Apr 2025 04:42:02 GMT
tag.js
www.westernunion.com/proxydirectory/tags/673667380151/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.westernunion.com/proxydirectory/tags/673667380151/tag.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-37.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e789259874521b5b04abc0c6dc2bdbc0a5fb0ca8b4c7c136ce12dd9c9d0158a
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-edgeconnect-origin-mex-latency
3
date
Mon, 15 Apr 2024 04:42:02 GMT
content-encoding
gzip
strict-transport-security
max-age=86400 ; includeSubDomains
x-amz-cf-pop
ORD58-P3
x-edgeconnect-midmile-rtt
99
server-timing
cdn-cache; desc=MISS, edge; dur=112, origin; dur=3, ak_p; desc="1713156122549_388391928_349461192_11546_19270_11_0_146";dur=1
content-length
13706
x-request-id
cebc8910-fade-11ee-82e2-f1a7d4031875
server
nginx
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=2592000
access-control-allow-credentials
false
x-robots-tag
noindex, nofollow
access-control-allow-headers
*
x-amz-cf-id
rmLSmscAwIIPddBl9sgFQn_kJA2dr__9qH8j2-pqo_0UFPaekw48Jg==
expires
Wed, 15 May 2024 04:42:02 GMT
RC463f02f5959d4e128260f9ab0668cea2-source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		1 KB
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/RC463f02f5959d4e128260f9ab0668cea2-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4aa8d4422838cec81e3fa4d03ba87516d11594bfb21c49aeb37660f148ae3383

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:02 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
540
expires
Mon, 15 Apr 2024 05:42:02 GMT
time.mp3
mpsnare.iesnare.com/ 		504 B
881 B 		Media
General
Check archive.org
Download Go to
Full URL
https://mpsnare.iesnare.com/time.mp3?nocache=0.4569582687224376
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-39-4.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
027300466ef20f41eeb2235cdcb3a7982882be0bf59434b3c07ea26cec11b145
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://8.43.80.38/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 15 Apr 2024 04:42:02 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Server
nginx
Content-Type
audio/mpeg
Content-Range
bytes 0-503/504
Content-Disposition
inline; filename=time.mp3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
504
Expires
Thu, 01 Jan 1970 00:00:00 GMT
start-75937dfe4196520b.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/send-money/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/send-money/start-75937dfe4196520b.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
0657e79f457984c8e07cedb1dd180dfa37d6cb6f62eba2355f7f43b7dff1b886
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"7290-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
b60657174c6f56f1.css
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/b60657174c6f56f1.css
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
87d42d270f9dcb7c030c0d531c3556b95fb4dac1a5c337cb796f356c95eac0b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"1657-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
8239-4888e18bbdaee30f.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/8239-4888e18bbdaee30f.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
5cad0209e3e908f5114008b43deadd40996e41c1f952b99ade2454e0b28213f6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"2bac-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
track-transfer-116b3dbb28aeecd4.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/track-transfer-116b3dbb28aeecd4.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
782fc8ec0693482ad1a81298df36d9339158f68750b28850d52a86bd3475b6f0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"83b1-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
a2caea6ccaa4339c.css
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/a2caea6ccaa4339c.css
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
9e8dffd9fac562039dea6f4e9e948cf1e93d03e3b4fafb0d88d2401966599698
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"d5b-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
2034-aa66c87d8c98990d.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		74 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/2034-aa66c87d8c98990d.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
735edc9037456a256821718a84daf06470f00051642113aa7e68b0692e48f62e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"128ee-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
1911-4c6967806114ccc3.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/1911-4c6967806114ccc3.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
4c3e36b61242d57504d886dd5de0a033ed0964d1c668b791f6867c1124c68524
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"11e7a-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
find-locations.html-0a821586dc5ae3ef.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/ 		616 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/find-locations.html-0a821586dc5ae3ef.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
566d7c7de34c6bb823e14e0758476b4e45073d2117ea8b06e9e740dcbfb38076
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"268-18ec4a046b0"
X-Frame-Options
SAMEORIGIN
access-control-max-age
86400
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
616
20e187120913e97a.css
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/ 		50 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/20e187120913e97a.css
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
8e36bf8d255a4005a48f8ac4195c59194ddc1b1d57d1258776c871aa8a3caefe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"c7c9-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
westernunion.jsp
www.upsellit.com/active/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upsellit.com/active/westernunion.jsp
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.39.117.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2bb7f4b985f5fee56c1dfe81d6db89895e3e02b486fdb804d6a232d5c75a1029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
date
Sun, 14 Apr 2024 18:51:54 GMT
server
nginx
age
35408
vary
Accept-Encoding
content-type
application/x-javascript;charset=ISO-8859-1
cache-control
max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11442
expires
Mon, 15 Apr 2024 18:51:54 GMT
RCfa8a4c5903e745a480821da60ebd910b-source.min.js
assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/0d624f0551d2/RCfa8a4c5903e745a480821da60ebd910b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
93b6de4f3187b80031b1e24fa8124a51c0fb17b5b16755b183cf757bc13084d9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:02 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:18:14 GMT
server
AkamaiNetStorage
etag
"27c9a0eb7c83481db0a289712ef79269:1712935094.42559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://8.43.80.38
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1008
expires
Mon, 15 Apr 2024 05:42:02 GMT
help-3baae8d2d3be726a.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/help-3baae8d2d3be726a.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
b0e09330bb1d551692f2c95ef979fec6a549bb80c2736ebb78ee994091898d94
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:02 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"428-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
session_data.jsp
app.upsellit.com/utility/ 		524 B
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.upsellit.com/utility/session_data.jsp?extended=false&si=3e0czi_1713156123
Requested by
Host: www.upsellit.com
URL: https://www.upsellit.com/active/westernunion.jsp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.118.62.69 , United States, ASN7296 (DYNASCALE, US),
Reverse DNS
Software
nginx /
Resource Hash
195cc1f0bb63e98ba16ab7e41e0e65c6801813f6803ba941ea3e90d089ab0eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/x-javascript;charset=ISO-8859-1
date
Mon, 15 Apr 2024 04:42:03 GMT
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-length
524
expires
Tue, 16 Apr 2024 04:42:03 GMT
711037.gif
idsync.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/711037.gif?partner_uid=f165fdc8-47e7-4a0b-a33d-71c68546646c
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
wutest-app.quantummetric.com/ Frame 76F4 		0
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wutest-app.quantummetric.com/?Q=4&rr=1713156122757
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.197.114.177 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
177.114.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Apr 2024 04:42:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
content-type
application/json
access-control-allow-origin
https://8.43.80.38
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
0
pageInfo
www.westernunion.com/proxydirectory/673667380151/ 		0
0
/
8.43.80.38/router/ 		292 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/router/
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/
Resource Hash
e56494297b827a1590d3f965ddd72511687e407120998b296beab3df600894d0
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
isrrenabled
true
x-wu-accesscode
RtYV3XDz9EA
x-wu-operationName
createSession
WUCountryCode
CA
Accept-Language
en-CA
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://8.43.80.38/ca/en/web/user/login
WULanguageCode
en
platform
nextgen
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:03 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains, max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
292
X-XSS-Protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
ETag
W/"124-n3CdUR90jc6LmgTqsmmipIY9eoY"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://8.43.80.38, *
access-control-max-age
360
access-control-allow-credentials
true
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-frame-options
DENY
access-control-allow-headers
x-requested-with, Origin, Content-Type, Accept, access-control-allow-headers, authToken, authorization, partnerId
expires
0
report
www.mczbf.com/673667380151/ 		0
417 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.mczbf.com/673667380151/report
Requested by
Host: www.westernunion.com
URL: https://www.westernunion.com/proxydirectory/tags/673667380151/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:ec00:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 15 Apr 2024 04:42:03 GMT
Via
1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
9rhP5H_VAbuMEFoHqnrf7LxDTdcbKsmXBL2b5sl-BTfDR-RJ28TIkw==
X-Request-ID
81382fa7-fae2-11ee-a839-0739ddf9810e
pageInfo
www.westernunion.com/proxydirectory/673667380151/ 		0
0
8905-b35692bac7f5fc4a.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/8905-b35692bac7f5fc4a.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
e074ce4c38e250c86103bb47ea5759e41e6d82bdac918a80212191501a06c839
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:03 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:23 GMT
X-Powered-By
Express
ETag
W/"a33c-18ec4a04a98"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
register-88d17ae0f0f21d83.js
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/user/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/pages/%5BcountryCode%5D/%5BlangCode%5D/%5BpartnerName%5D/user/register-88d17ae0f0f21d83.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/chunks/main-77ec44a651c96025.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
d143921c554b3a5b83d01e92e87eecb5afe83c9f6126cabe1e144bc57e5480e0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:03 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"3939-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
4a9d1402ee38c147.css
8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-web-assets/240409-070000-215d5c3879_24.03.5.1/_next/static/css/4a9d1402ee38c147.css
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
5cd0f0a6fa650f230585cc2d16ef811832ddca7d0dc2763835916a068ec4ac1e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:03 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:50:22 GMT
X-Powered-By
Express
ETag
W/"f8c-18ec4a046b0"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=31536000, immutable
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
report
www.mczbf.com/673667380151/ 		0
417 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.mczbf.com/673667380151/report
Requested by
Host: www.westernunion.com
URL: https://www.westernunion.com/proxydirectory/tags/673667380151/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:ec00:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 15 Apr 2024 04:42:03 GMT
Via
1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
njVEAFFRHK6kgI-PzP6ZblZSnYwjs_l0eyv1X8EcKgb7OiZNS4aBdw==
X-Request-ID
814a5814-fae2-11ee-a35a-cd25fe5c078f
s.js
cdn.sift.com/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sift.com/s.js
Requested by
Host: 8.43.80.38
URL: https://8.43.80.38/ca/en/web/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.67.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
10ec464febb7b92ed105d94da994f32989ff1d0795c0013460b5e2a7769934f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 18 Mar 2024 08:35:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2405216
x-guploader-uploadid
ABPtcPr8Ee_PPEnSxz3RQPS3SrqnBIsjX19HQQZrziEHnWqmYiHGGLLPDfmHXM2DIQdv7uA8yDrQMnX0Xw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20557
last-modified
Mon, 18 Mar 2024 08:23:03 GMT
server
UploadServer
etag
"489c51cfaaabb9e46cdcd9805f9cb5e7"
x-goog-generation
1710750183024543
x-goog-hash
crc32c=asYZeQ==, md5=SJxRz6qrueRs3NmAX5y15w==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-transform
x-goog-stored-content-length
20557
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 18 Mar 2025 08:35:07 GMT
/
zn8v3mbh5ld4zg5w1-wuvoc.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn8v3mbh5ld4zg5w1-wuvoc.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_8v3MBH5LD4Zg5w1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2f2368b1fb5/b3c9e57b2e56/launch-4547d5af58c0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40d2dfdccb07079db54f0ca47ad0af9f0aafba5f7458e532fb4412371d7d482f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
300600
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"26bb-mihZWeRutfjLdMLRUnftlxrezJk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
8749444ca97d35f1-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
/
wutest-app.quantummetric.com/ Frame 76F4 		0
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wutest-app.quantummetric.com/?Q=4&rr=1713156123451
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.197.114.177 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
177.114.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Apr 2024 04:42:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
content-type
application/json
access-control-allow-origin
https://8.43.80.38
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
0
favicon.ico
8.43.80.38/exp-static-assets/ 		9 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://8.43.80.38/exp-static-assets/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.80.38 , United States, ASN36154 (WURESTON, US),
Reverse DNS
Software
/ Express
Resource Hash
c3647e98bde2af4876ab503a3840d7e7f6d9116b6bcb35a4eeec30086d600510
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/ca/en/web/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 15 Apr 2024 04:42:03 GMT
cache-control-max-age
86400
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2024 20:23:48 GMT
X-Powered-By
Express
ETag
W/"25be-18ec487f420"
access-control-max-age
86400
Transfer-Encoding
chunked
Content-Type
image/x-icon
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
12.00593e070a6f1562a8b4.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=8.43.80.38
Requested by
Host: zn8v3mbh5ld4zg5w1-wuvoc.siteintercept.qualtrics.com
URL: https://zn8v3mbh5ld4zg5w1-wuvoc.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_8v3MBH5LD4Zg5w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773476fc4041f913eb57d338efa749e0c2b63828f086c83da65c3d3aeb51fa73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:42:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
533714
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 01 Apr 2024 18:13:43 GMT
server
cloudflare
etag
W/"125c9-18e9addfbd8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8749444ce9a435f1-FRA
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_8v3MBH5LD4Zg5w1&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=webAdobeLaunch
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5567675f8f48424a0d6ef9011128e323909a51d905d3dfd3eed4e305bf94e149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 15 Apr 2024 04:42:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
content-type
application/json
access-control-allow-origin
https://8.43.80.38
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
36b1cef0131bef7c
timing-allow-origin
*
cf-ray
8749444d29bd35f1-FRA
/
wutest-app.quantummetric.com/ Frame 76F4 		0
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wutest-app.quantummetric.com/?Q=4&rr=1713156123759
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.197.114.177 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
177.114.197.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Apr 2024 04:42:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-security-policy
default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server
nginx
content-type
application/json
access-control-allow-origin
https://8.43.80.38
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
0
pr
westernunion.evergage.com/ 		0
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westernunion.evergage.com/pr?_r=847033&_ak=westernunion&_ds=ca_uat_web_responsive&.scv=2&.anonId=16ffe133617bb8fe&_anon=true&.top=3343&.dt=4176&.lt=5608&.tt=339
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.124.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-124-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://8.43.80.38/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://8.43.80.38
date
Mon, 15 Apr 2024 04:42:03 GMT
x-content-type-options
nosniff
timing-allow-origin
*
hash-check
rl.quantummetric.com/wutest/ Frame 76F4 		2 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rl.quantummetric.com/wutest/hash-check
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-wutest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
160.3.66.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 Apr 2024 04:42:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
access-control-allow-methods
*
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://8.43.80.38
access-control-allow-credentials
true
content-length
2
hash-check
rl.quantummetric.com/wutest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rl.quantummetric.com/wutest/hash-check
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
160.3.66.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://8.43.80.38
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
https://8.43.80.38
content-length
0
date
Mon, 15 Apr 2024 04:42:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.westernunion.com
URL
https://www.westernunion.com/404.html
Domain
www.westernunion.com
URL
https://www.westernunion.com/404.html
Domain
www.westernunion.com
URL
https://www.westernunion.com/proxydirectory/673667380151/pageInfo
Domain
www.westernunion.com
URL
https://www.westernunion.com/proxydirectory/673667380151/pageInfo

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| Animation string| thirdPartyConfigContent string| _3DSConfig string| ENV string| CONTEXT string| COUNTRY_CODE string| LANG_CODE object| analyticsObject object| SDConf function| loadScript string| pageurl string| botalias string| domainURL object| loader object| chatbotUiConfig string| loadedFresh boolean| isProd object| urlParams string| countryIsoCode boolean| disableAnalytics string| cookieOptIn string| userConsent function| getUrlParams function| isC0002Accepted function| isC0003Accepted function| isC0004Accepted function| insertScripts function| getEfrUrl function| isEfrEnabled function| isKhipuEnabled function| loadAdaUtils function| isQAorLowerEnv function| isOneTrustEnabled function| getLaunchScript function| getEvgUrl function| getQuantumUrl function| getSongBirdUrl function| getEnv function| isAEEnabled function| loadScripts function| loadJS function| getCookie function| getAmpKey function| includeHtml function| runInnerHTMLScripts function| setupMicroappsCallback function| getUniqueId function| initMParticle function| loadMParticle function| fireTag object| _tags function| fireTags function| branchKey function| deeplink function| getGlobalBlackBoxData object| scriptsToLoad object| mParticle object| branch function| getFingerPrintJs function| khipuJs object| webpackChunk_N_E function| __next_set_public_path__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P undefined| _N_E boolean| __audioEyeInitialized function| readyCallback function| songbirdLoader object| Cardinal object| evergageLog function| ajq object| _aaq object| Evergage function| evergageBeforeSiteConfigExecution object| evergageSiteConfig string| evergageSiteWideStyles number| evergageBeaconParseTimeStart undefined| $ undefined| jQuery number| evergageReshowPersonalizedSectionsTimeout number| evergageBeaconParseTimeEnd object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor string| country object| s_c_il number| s_c_in function| alloy function| getNewRepeat function| manageVars function| apl function| s_loadVars function| countryLanguage function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s function| Cookies number| s_objectID number| s_giq undefined| r undefined| links function| QuantumMetricInstrumentationStart object| QuantumMetricAPI function| cookieWrite function| cookieRead undefined| g object| s_i_westernunionnewglobal function| setImmediate function| clearImmediate object| _tvq object| uetq function| pintrk function| UET function| UET_init function| UET_push object| ueto_102755f888 function| amzn object| dataLayer function| fbq function| _fbq function| renewToken function| updateToken function| deleteToken object| google_tag_manager object| google_tag_data undefined| dataTrafficGuard function| readCookie function| _ function| Hammer function| saveAs object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST undefined| context object| WUAnalyticsService string| z object| JSON2 object| TV2Track object| countryConfig object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| OptanonWrapper string| io_global_object_name object| IGLOO object| recaptcha object| closure_lm_776343 function| findKeyByValue function| nca function| loadcj string| cjcountry number| enterpriseID string| registerSuccessID string| sendMoneySuccessID string| sendCountry string| payoutCountry undefined| cjEventQSP string| pagenametmp string| cjCurrencyCode undefined| cjCookieID boolean| dataShareFlag string| siteSection string| transactionID boolean| cjRegistrationSuccess undefined| source string| coupon string| cjPrinciple string| cjDiscount string| cjTransactionFee object| cj_pageTypeObject object| cj_affiliateSourceObject object| cj_eventIdObject string| hashedEmail string| email string| userID string| cj_pageType object| cj_referringChannel boolean| ncaFlag boolean| firstTransactionFlag string| txt object| cj number| usi_installed function| USI_installCode function| hasOwnProperty object| usi_commons string| usi_nocookies object| usi_cookies object| usi_dom object| usi_app object| CJApi object| cjApi boolean| flag boolean| third_party object| _scriptMap object| usi_session_data function| usi_set_session_data object| QSI object| _sift function| __siftFlashCB undefined| Sift object| PluginDetect object| WAFQualtricsWebpackJsonP-cloud-2.4.0 object| _qsie

35 Cookies

Domain/Path Name / Value
8.43.80.38/ca/en Name: wu_device_id
Value: 53f8f424-f2de-3bea-95ff-7b72a2ebf574
8.43.80.38/ca/en Name: clientApp
Value: Leap
8.43.80.38/ca/en Name: UserLocale
Value: en-CA
8.43.80.38/ca/en Name: EnablePinning
Value: false
8.43.80.38/ca/en Name: AutoLogginEnabled
Value: true
8.43.80.38/ca/en Name: sessionTimer
Value: 0
8.43.80.38/ Name: BIGipServerpool_origin-digital-stage.westernunion.com
Value: !A05ayLoqeBHvogW410g/cGAFko945Vu5UkwheX/GdBCA2c6l1HBXR+C/myUYOk+aX7uViyWhBH2H2Mc=
8.43.80.38/ Name: _evga_206e
Value: 16ffe133617bb8fe.
.app.link/ Name: _s
Value: sxmaA4ab02gDpYosd5SVBVqvTm58YN%2BFoaupiZlmiisYnHHWlNdwOh4VgDS23puH
.demdex.net/ Name: demdex
Value: 09705219477135892333030997209352037060
8.43.80.38/ Name: AMCVS_AACD3BC75245B4940A490D4D%40AdobeOrg
Value: 1
8.43.80.38/ Name: affiliate_src_code
Value:
8.43.80.38/ Name: s_cc
Value: true
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZhywGQAAAMmydwOJ
.dpm.demdex.net/ Name: dpm
Value: 09705219477135892333030997209352037060
8.43.80.38/ Name: AMCV_AACD3BC75245B4940A490D4D%40AdobeOrg
Value: 1430045084%7CMCIDTS%7C19829%7CMCMID%7C04780168465883515242433631261351065873%7CMCAAMLH-1713760921%7C6%7CMCAAMB-1713760921%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1713163321s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19836%7CvVersion%7C5.5.0
8.43.80.38/ Name: _uetsid
Value: 8022e400fae211eea285b974ab9dc63d
8.43.80.38/ Name: _uetvid
Value: 8022cf10fae211ee879e1baedc1b9247
.bing.com/ Name: MUID
Value: 2B2C0C961DDE6E9F343518F41CB56F83
8.43.80.38/ Name: user_txn_state
Value: 0:1713156121613
8.43.80.38/ Name: _gcl_au
Value: 1.1.2119935193.1713156122
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
8.43.80.38/ Name: CountryCode
Value: ca
8.43.80.38/ Name: LangCode
Value: en
8.43.80.38/ Name: s_nr30
Value: 1713156122264-New
8.43.80.38/ Name: s_nr730
Value: 1713156122264-New
8.43.80.38/ Name: channel_stack
Value: login
8.43.80.38/ Name: _tq_id.TV-5490904581-1.9604
Value: 4a5eff978128c090.1713156122.0.1713156122..
8.43.80.38/ Name: _fbp
Value: fb.3.1713156122360.238216913
.bing.com/ Name: MSPTC
Value: odqxrkfKhwLnuFBsu7KiVjbQkDQQvx9zWr7w3FjidIU
.doubleclick.net/ Name: IDE
Value: AHWqTUkmBH_1KOdiFM06C3GXixcVfriVjghTjJMDDfTlZiDt2P4b7S6Xa6sfJcbTVlE
mpsnare.iesnare.com/ Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef
Value: j+yae/dd+W6AFbM8gsF003XefET6fWZnI4JJe732acU=
.westernunion.com/ Name: cjUser
Value: f165fdc8-47e7-4a0b-a33d-71c68546646c
8.43.80.38/ Name: BIGipServerwudgtsrvs.prod.wudip.com
Value: 3574607114.29478.0000
www.westernunion.com/ Name: akavpau_en
Value: 1713156423~id=bdba7e28fe9503e1f811e6f8fc84a2d6

48 Console Messages

Source Level URL
Text
network error URL: https://8.43.80.38/content/wucom/outage-banner/outage-configuration.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://8.43.80.38/ca/en/web/user/login
Message:
Refused to execute script from 'https://8.43.80.38/content/wucom/outage-banner/outage-configuration.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://8.43.80.38/content/wucom/outage-banner/outage-banner-logic-r4.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://8.43.80.38/ca/en/web/user/login
Message:
Refused to execute script from 'https://8.43.80.38/content/wucom/outage-banner/outage-banner-logic-r4.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=8.43.80.38&cb=226608b
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1131643220187654?v=2.9.153&r=stable&domain=8.43.80.38&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 87)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://8.43.80.38/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://8.43.80.38/ca/en/web/user/login
Message:
Refused to execute script from 'https://8.43.80.38/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://8.43.80.38/ca/en/web/user/login(Line 343)
Message:
Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'nonce-H13Gh0LSKI7AlPgeppGYCZoWs2VmdRfz+pIGKVkUF3g=' 'self' https://*.pubmatic.com https://tpc.googlesyndication.com https://3ds2-sandbox.ckotech.co https://api.sandbox.checkout.com https://pay.uae.uat.wu.com https://*.contentsquare.net https://*.contentsquare.com https://*.dapi.com https://*.contentsquare.net https://*.contentsquare.com https://pgt.cbuaepay.ae/ https://edge.adobedc.net https://secure.quantserve.com https://a.tribalfusion.com https://westernunion-gb.admo.tv https://adservice.google.com https://www.googletagservices.com https://*.googlesyndication.com https://securepubads.g.doubleclick.net https://bat.bing.com/ https://*.demdex.net https://dpm.demdex.net https://www.gstatic.com https://cdn.cookielaw.org http://jssdkcdn.mparticle.com http://jssdkcdns.mparticle.com https://cdn.evergage.com https://cdn.branch.io https://cdn.quantummetric.com http://cdn.quantummetric.com https://ws.audioeye.com/ae.js https://mpsnare.iesnare.com wss://mpsnare.iesnare.com https://wsv3cdn.audioeye.com https://assets.adobedtm.com https://cdn.amplitude.com https://maps.googleapis.com https://geolocation.onetrust.com http://*.westernunion.com/ https://*.westernunion.com/ https://*.qualtrics.com https://*.cardinalcommerce.com https://songbird.cardinalcommerce.com/edge/v1/songbird.js https://*.siteintercept.qualtrics.com https://*.arcot.com https://*.touch.tech https://*.rsa3dsauth.com https://*.mycardplace.com https://0eaf.cardinalcommerce.com https://1eaf.cardinalcommerce.com https://3d-secure.areeba.com https://3d-secure.olb.de https://3d-secure.pluscard.de https://3d-secure.six-group.com https://3d-secure1.sbanken.no https://3d-secure2.sbanken.no https://3debspay.boc.cn https://3ds-b.live.ext.prod.enfuce.com https://3ds-challenge.n26.com https://3ds-n2.nbg.gr https://3ds-n3.nbg.gr https://3ds-secure.cardcomplete.com https://3ds.abanca.com https://3ds.bancochile.cl:443 https://3ds.bov.com https://3ds.consorsfinanz.de https://3ds.egcp.com https://3ds.inteligo.pl https://3ds.kaspi.kz https://3ds.kombank.com:8447 https://3ds.kredobank.com.ua https://3ds.nexigroup.com https://3ds.oschadbank.ua https://3ds.pkobp.pl https://3ds.pl.ing.com https://3ds.qnb.com https://3ds.redsys.es https://3ds.rpc-raiffeisen.com https://3ds.seglan.com https://3ds.sia.eu https://3ds2-visasecure.acdcproc.com https://3dsec.cardcenter.ch https://3dsec.postfinance.ch https://3dsecure-2.wirecard.com https://3dsecure-prd2.monext.fr https://3dsecure-vrp.de https://3dsecure.bnpparibas.pl https://3dsecure.csas.cz https://3dsecure.ing.ro https://3dsecure.mbank.pl https://3dsecure.monext.fr https://3dsecure.nexi.it https://3dsecure.psa.at https://3dsecure.raiffeisen.al https://3dsecure.raiffeisenbank.rs https://3dsecure.rhb.com.my https://3dsecure.sgb.pl https://3dsecure.slsp.sk https://3dsecure.sumup.com https://3dsecure.tatrabanka.sk https://3dsecureA.sparda.de https://3dsecureB.sparda.de https://3dspayment.paylife.at https://6b0ad2e1-3ds.sibs.ro https://acs-trides2.asseco-see.hr https://acs.3ds-hanseaticbank.de https://acs.3dsecure.az https://acs.airplus.com https://acs.alfabank.kiev.ua https://acs.api.alignet.io https://acs.fssnet.co.in https://acs.gc.ge https://acs.kbcard.com https://acs.luminorgroup.com:443 https://acs.mashreq.com https://acs.mercurypaymentservices.it https://acs.netsgroup.com https://acs.paymaya.com https://acs.s2mgcc.com https://acs.sibs.pt https://acs.swisscard.ch https://acs.tbcbank.ge:443 https://acs.touch.tech https://acs.upc.ua https://acs1-3dsecure.cic.fr https://acs1-3dsecure.cm-cic.com https://acs1-3dsecure.creditmutuel.fr https://acs1-3dsecure.targobank.de https://acs1.3ds.modirum.com https://acs1.3dsecure.no https://acs1.edb.com https://acs1.luottokunta.fi https://acs1.mpts.modirum.com https://acs1.six-payment-services.com https://acs1.sparebank1.no https://acs1.swedbank.se https://acs1.viseca.ch https://acs2-3dsecure.cic.fr https://acs2-3dsecure.cm-cic.com https://acs2-3dsecure.creditmutuel.fr https://acs2-3dsecure.targobank.de https://acs2.3ds.modirum.com https://acs2.3dsecure.no https://acs2.a-bank.com.ua:443 https://acs2.arca.am https://acs2.bankofafrica.ma:443 https://acs2.edb.com https://acs2.estcard.ee https://acs2.kasikornbank.com https://acs2.luottokunta.fi https://acs2.mpts.modirum.com https://acs2.nedsecure.co.za https://acs2.rba.hr https://acs2.six-payment-services.com https://acs2.sparebank1.no https://acs2.swedbank.se https://acs2p.gpesecure.com https://acs3.3ds.modirum.com https://acs3.3dsecure.no https://acs3.edb.com https://acs3.sparebank1.no https://acs4.privatbank.ua https://acsabsa.bankserv.co.za https://acspa.petafuel.net https://acssbafrica.bankserv.co.za https://acssv.dskbank.bg https://acssv.otpbank.hu https://acsv2.centrum24.pl https://analytics.tiktok.com https://api.emv.acs.opentech.com https://aptopaysafe-vbv.mycardplace.com https://authentication-acs.marqeta.com https://authentication.cardinalcommerce.com https://authentication1.six-group.com https://authentication2.six-group.com https://bankieren.ideal.ing.nl https://belgium-3ds-bxl.wlp-acs.com https://belgium-3ds-vdm.wlp-acs.com https://betalen.rabobank.nl https://bezpecneplatby.rb.cz https://bfcoi-3ds-vdm.wlp-acs.com https://biztonsagikod.raiffeisen.hu https://bnpp-3ds-bxl.wlp-acs.com https://bnpp-3ds-vdm.wlp-acs.com https://boursorama-3ds-bxl.wlp-acs.com https://boursorama-3ds-vdm.wlp-acs.com https://bred-3ds-vdm.wlp-acs.com https://cacs-v2.icard.com https://cardsec.postfinance.ch https://cb2d09ce-3ds.sibs.ro https://checkout.trustly.com https://cimb-securee-pay.cimb.com https://clients.smartsecure.tsys.co.uk:443 https://credit-mutuel-3ds-vdm.wlp-acs.com https://crqsbiacs.sbi https://danskebank-3ds-bxl.wlp-acs.com https://danskebank-3ds-vdm.wlp-acs.com https://df0b7f32-3ds.sibs.ro https://diensten.asnbank.nl https://diensten.regiobank.nl https://diensten.snsbank.nl https://ecclients.btrl.ro https://emvacs.2c2p.com https://emvacs.bkm.com.tr https://esecure.sia.eu:443 https://family.ctbcbank.com https://forisau-vbv.mycardplace.com https://foriseu-vbv.mycardplace.com https://gateway2.tapngo.com.hk https://german-3ds-bxl.wlp-acs.com https://german-3ds-vdm.wlp-acs.com https://geschuetztkaufen1.commerzbank.de https://geschuetztkaufen2.commerzbank.de https://hsbc-3ds-bxl.wlp-acs.com https://hsbc-3ds-vdm.wlp-acs.com https://ideal.bunq.com https://ideal.ing.nl https://ideal.knab.nl https://ideal.triodos.nl https://ideal.vanlanschot.com https://ipay.bangkokbank.com https://labanquepostale-3ds-bxl.wlp-acs.com https://labanquepostale-3ds-vdm.wlp-acs.com https://luxembourg-3ds-bxl.wlp-acs.com https://luxembourg-3ds-vdm.wlp-acs.com https://lv-worldline-3ds-bxl.wlp-acs.com https://lv-worldline-3ds-vdm.wlp-acs.com https://mafrenchbank-3ds-vdm.wlp-acs.com https://mastercardidentitycheck.sparkassen-kreditkarten.de https://maybankcardsmsos.maybank.com.my https://mcconsumerv2.alahli.com https://mycardsecure.com https://natixispaymentsolutions-3ds-bxl.wlp-acs.com https://natixispaymentsolutions-3ds-vdm.wlp-acs.com https://neo-msc.mycardplace.com https://online.citadele.lv https://op-bxl.wlp-acs.com https://op-vdm.wlp-acs.com https://paas2.s2mgcc.com https://paiement1.secure.lcl.fr https://paiement2.secure.lcl.fr https://pay.eewosecure.com https://paymentauthenticationchallenge.apac.citibank.com https://paymentauthenticationchallenge2.apac.citibank.com https://paysecure2.bmci.ma https://pca3ds.gbp.ma:4443 https://postbank-3ds-bxl.wlp-acs.com https://postbank-3ds-vdm.wlp-acs.com https://ps4acs.netcetera-payment.ch https://secure-acs2ui-b1-indblr-blrtdc.wibmo.com https://secure-acs2ui-b1-indmum-mumrdc.wibmo.com https://secure.3ds.bonuscard.ch https://secure.3ds.cornercard.ch https://secure.dkb.de https://secure2.arcot.com https://secure4.arcot.com https://secure5.arcot.com https://secure7.arcot.com https://securepayment1.reisebank.de https://securepayment2.reisebank.de https://sg-3ds-bxl.wlp-acs.com https://sg-3ds-vdm.wlp-acs.com https://sgba-3ds-vdm.wlp-acs.com https://sicher-bezahlen.sparkasse.at https://ssl-prd-u7f-fo-acs-pa-casa-bxl.wlp-acs.com https://threedomainsecure.pekao24.pl https://tsys.arcot.com https://txn.apac.paywithpoli.com https://verify.monzo.com https://visa-secure-bxl.ing.de https://visa-secure-vdm.ing.de https://visasecure.sparkassen-kreditkarten.de https://visasecure1.comdirect.de https://visasecure1.consorsbank.de https://visasecure2.comdirect.de https://visasecure2.consorsbank.de https://wirexeu-msc.mycardplace.com https://www.abnamro.nl https://www.bankmillennium.pl https://www.centrum24.pl https://www.europabank.be https://www.ipko.pl https://www.mepsfpx.com.my https://www.rsa3dsauth.co.uk https://www.rsa3dsauth.com https://www.secure22gw.ro https://www.secure2gw.ro https://www.secure5gw.ro https://www.sofort.com https://www.zaba.hr https://*.jumio.ai https://westdemo.web.amer-1.jumio.ai https://uat.idmission.com https://kyc.idmission.com https://demo.idmission.com/apps/invokeApps https://demo.idmission.com https://api.myinfo.gov.sg https://test.api.myinfo.gov.sg https://app.referralsaasquatch.com https://fast.ssqt.io/* http://ssqt.co https://*.khipu.com https://js.khipu.com https://simpleui-au.vixverify.com https://simpleui-test-au.vixverify.com https://sydney.idscan.cloud https://au.vixverify.com https://test-au.vixverify.com https://prodoz.idscan.cloud https://hosted.mastersoftgroup.com/harmony/ https://auth.idmission.com https://websdk-cdn-dev.idmission.com https://cdn.jsdelivr.net https://storage.googleapis.com https://api.idmission.com https://portal-api.idmission.com 'strict-dynamic' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://8.43.80.38/ca/en/web/user/login
Message:
Access to fetch at 'https://www.westernunion.com/proxydirectory/673667380151/pageInfo' from origin 'https://8.43.80.38' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
network error URL: https://www.westernunion.com/proxydirectory/673667380151/pageInfo
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://idsync.rlcdn.com/711037.gif?partner_uid=f165fdc8-47e7-4a0b-a33d-71c68546646c
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://8.43.80.38/ca/en/web/user/login
Message:
Access to fetch at 'https://www.westernunion.com/proxydirectory/673667380151/pageInfo' from origin 'https://8.43.80.38' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
network error URL: https://www.westernunion.com/proxydirectory/673667380151/pageInfo
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://8.43.80.38/ca/en/web/user/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';script-src 'nonce-H13Gh0LSKI7AlPgeppGYCZoWs2VmdRfz+pIGKVkUF3g=' 'self' https://*.pubmatic.com https://tpc.googlesyndication.com https://3ds2-sandbox.ckotech.co https://api.sandbox.checkout.com https://pay.uae.uat.wu.com https://*.contentsquare.net https://*.contentsquare.com https://*.dapi.com https://*.contentsquare.net https://*.contentsquare.com https://pgt.cbuaepay.ae/ https://edge.adobedc.net https://secure.quantserve.com https://a.tribalfusion.com https://westernunion-gb.admo.tv https://adservice.google.com https://www.googletagservices.com https://*.googlesyndication.com https://securepubads.g.doubleclick.net https://bat.bing.com/ https://*.demdex.net https://dpm.demdex.net https://www.gstatic.com https://cdn.cookielaw.org http://jssdkcdn.mparticle.com http://jssdkcdns.mparticle.com https://cdn.evergage.com https://cdn.branch.io https://cdn.quantummetric.com http://cdn.quantummetric.com https://ws.audioeye.com/ae.js https://mpsnare.iesnare.com wss://mpsnare.iesnare.com https://wsv3cdn.audioeye.com https://assets.adobedtm.com https://cdn.amplitude.com https://maps.googleapis.com https://geolocation.onetrust.com http://*.westernunion.com/ https://*.westernunion.com/ https://*.qualtrics.com https://*.cardinalcommerce.com https://songbird.cardinalcommerce.com/edge/v1/songbird.js https://*.siteintercept.qualtrics.com https://*.arcot.com https://*.touch.tech https://*.rsa3dsauth.com https://*.mycardplace.com https://0eaf.cardinalcommerce.com https://1eaf.cardinalcommerce.com https://3d-secure.areeba.com https://3d-secure.olb.de https://3d-secure.pluscard.de https://3d-secure.six-group.com https://3d-secure1.sbanken.no https://3d-secure2.sbanken.no https://3debspay.boc.cn https://3ds-b.live.ext.prod.enfuce.com https://3ds-challenge.n26.com https://3ds-n2.nbg.gr https://3ds-n3.nbg.gr https://3ds-secure.cardcomplete.com https://3ds.abanca.com https://3ds.bancochile.cl:443 https://3ds.bov.com https://3ds.consorsfinanz.de https://3ds.egcp.com https://3ds.inteligo.pl https://3ds.kaspi.kz https://3ds.kombank.com:8447 https://3ds.kredobank.com.ua https://3ds.nexigroup.com https://3ds.oschadbank.ua https://3ds.pkobp.pl https://3ds.pl.ing.com https://3ds.qnb.com https://3ds.redsys.es https://3ds.rpc-raiffeisen.com https://3ds.seglan.com https://3ds.sia.eu https://3ds2-visasecure.acdcproc.com https://3dsec.cardcenter.ch https://3dsec.postfinance.ch https://3dsecure-2.wirecard.com https://3dsecure-prd2.monext.fr https://3dsecure-vrp.de https://3dsecure.bnpparibas.pl https://3dsecure.csas.cz https://3dsecure.ing.ro https://3dsecure.mbank.pl https://3dsecure.monext.fr https://3dsecure.nexi.it https://3dsecure.psa.at https://3dsecure.raiffeisen.al https://3dsecure.raiffeisenbank.rs https://3dsecure.rhb.com.my https://3dsecure.sgb.pl https://3dsecure.slsp.sk https://3dsecure.sumup.com https://3dsecure.tatrabanka.sk https://3dsecureA.sparda.de https://3dsecureB.sparda.de https://3dspayment.paylife.at https://6b0ad2e1-3ds.sibs.ro https://acs-trides2.asseco-see.hr https://acs.3ds-hanseaticbank.de https://acs.3dsecure.az https://acs.airplus.com https://acs.alfabank.kiev.ua https://acs.api.alignet.io https://acs.fssnet.co.in https://acs.gc.ge https://acs.kbcard.com https://acs.luminorgroup.com:443 https://acs.mashreq.com https://acs.mercurypaymentservices.it https://acs.netsgroup.com https://acs.paymaya.com https://acs.s2mgcc.com https://acs.sibs.pt https://acs.swisscard.ch https://acs.tbcbank.ge:443 https://acs.touch.tech https://acs.upc.ua https://acs1-3dsecure.cic.fr https://acs1-3dsecure.cm-cic.com https://acs1-3dsecure.creditmutuel.fr https://acs1-3dsecure.targobank.de https://acs1.3ds.modirum.com https://acs1.3dsecure.no https://acs1.edb.com https://acs1.luottokunta.fi https://acs1.mpts.modirum.com https://acs1.six-payment-services.com https://acs1.sparebank1.no https://acs1.swedbank.se https://acs1.viseca.ch https://acs2-3dsecure.cic.fr https://acs2-3dsecure.cm-cic.com https://acs2-3dsecure.creditmutuel.fr https://acs2-3dsecure.targobank.de https://acs2.3ds.modirum.com https://acs2.3dsecure.no https://acs2.a-bank.com.ua:443 https://acs2.arca.am https://acs2.bankofafrica.ma:443 https://acs2.edb.com https://acs2.estcard.ee https://acs2.kasikornbank.com https://acs2.luottokunta.fi https://acs2.mpts.modirum.com https://acs2.nedsecure.co.za https://acs2.rba.hr https://acs2.six-payment-services.com https://acs2.sparebank1.no https://acs2.swedbank.se https://acs2p.gpesecure.com https://acs3.3ds.modirum.com https://acs3.3dsecure.no https://acs3.edb.com https://acs3.sparebank1.no https://acs4.privatbank.ua https://acsabsa.bankserv.co.za https://acspa.petafuel.net https://acssbafrica.bankserv.co.za https://acssv.dskbank.bg https://acssv.otpbank.hu https://acsv2.centrum24.pl https://analytics.tiktok.com https://api.emv.acs.opentech.com https://aptopaysafe-vbv.mycardplace.com https://authentication-acs.marqeta.com https://authentication.cardinalcommerce.com https://authentication1.six-group.com https://authentication2.six-group.com https://bankieren.ideal.ing.nl https://belgium-3ds-bxl.wlp-acs.com https://belgium-3ds-vdm.wlp-acs.com https://betalen.rabobank.nl https://bezpecneplatby.rb.cz https://bfcoi-3ds-vdm.wlp-acs.com https://biztonsagikod.raiffeisen.hu https://bnpp-3ds-bxl.wlp-acs.com https://bnpp-3ds-vdm.wlp-acs.com https://boursorama-3ds-bxl.wlp-acs.com https://boursorama-3ds-vdm.wlp-acs.com https://bred-3ds-vdm.wlp-acs.com https://cacs-v2.icard.com https://cardsec.postfinance.ch https://cb2d09ce-3ds.sibs.ro https://checkout.trustly.com https://cimb-securee-pay.cimb.com https://clients.smartsecure.tsys.co.uk:443 https://credit-mutuel-3ds-vdm.wlp-acs.com https://crqsbiacs.sbi https://danskebank-3ds-bxl.wlp-acs.com https://danskebank-3ds-vdm.wlp-acs.com https://df0b7f32-3ds.sibs.ro https://diensten.asnbank.nl https://diensten.regiobank.nl https://diensten.snsbank.nl https://ecclients.btrl.ro https://emvacs.2c2p.com https://emvacs.bkm.com.tr https://esecure.sia.eu:443 https://family.ctbcbank.com https://forisau-vbv.mycardplace.com https://foriseu-vbv.mycardplace.com https://gateway2.tapngo.com.hk https://german-3ds-bxl.wlp-acs.com https://german-3ds-vdm.wlp-acs.com https://geschuetztkaufen1.commerzbank.de https://geschuetztkaufen2.commerzbank.de https://hsbc-3ds-bxl.wlp-acs.com https://hsbc-3ds-vdm.wlp-acs.com https://ideal.bunq.com https://ideal.ing.nl https://ideal.knab.nl https://ideal.triodos.nl https://ideal.vanlanschot.com https://ipay.bangkokbank.com https://labanquepostale-3ds-bxl.wlp-acs.com https://labanquepostale-3ds-vdm.wlp-acs.com https://luxembourg-3ds-bxl.wlp-acs.com https://luxembourg-3ds-vdm.wlp-acs.com https://lv-worldline-3ds-bxl.wlp-acs.com https://lv-worldline-3ds-vdm.wlp-acs.com https://mafrenchbank-3ds-vdm.wlp-acs.com https://mastercardidentitycheck.sparkassen-kreditkarten.de https://maybankcardsmsos.maybank.com.my https://mcconsumerv2.alahli.com https://mycardsecure.com https://natixispaymentsolutions-3ds-bxl.wlp-acs.com https://natixispaymentsolutions-3ds-vdm.wlp-acs.com https://neo-msc.mycardplace.com https://online.citadele.lv https://op-bxl.wlp-acs.com https://op-vdm.wlp-acs.com https://paas2.s2mgcc.com https://paiement1.secure.lcl.fr https://paiement2.secure.lcl.fr https://pay.eewosecure.com https://paymentauthenticationchallenge.apac.citibank.com https://paymentauthenticationchallenge2.apac.citibank.com https://paysecure2.bmci.ma https://pca3ds.gbp.ma:4443 https://postbank-3ds-bxl.wlp-acs.com https://postbank-3ds-vdm.wlp-acs.com https://ps4acs.netcetera-payment.ch https://secure-acs2ui-b1-indblr-blrtdc.wibmo.com https://secure-acs2ui-b1-indmum-mumrdc.wibmo.com https://secure.3ds.bonuscard.ch https://secure.3ds.cornercard.ch https://secure.dkb.de https://secure2.arcot.com https://secure4.arcot.com https://secure5.arcot.com https://secure7.arcot.com https://securepayment1.reisebank.de https://securepayment2.reisebank.de https://sg-3ds-bxl.wlp-acs.com https://sg-3ds-vdm.wlp-acs.com https://sgba-3ds-vdm.wlp-acs.com https://sicher-bezahlen.sparkasse.at https://ssl-prd-u7f-fo-acs-pa-casa-bxl.wlp-acs.com https://threedomainsecure.pekao24.pl https://tsys.arcot.com https://txn.apac.paywithpoli.com https://verify.monzo.com https://visa-secure-bxl.ing.de https://visa-secure-vdm.ing.de https://visasecure.sparkassen-kreditkarten.de https://visasecure1.comdirect.de https://visasecure1.consorsbank.de https://visasecure2.comdirect.de https://visasecure2.consorsbank.de https://wirexeu-msc.mycardplace.com https://www.abnamro.nl https://www.bankmillennium.pl https://www.centrum24.pl https://www.europabank.be https://www.ipko.pl https://www.mepsfpx.com.my https://www.rsa3dsauth.co.uk https://www.rsa3dsauth.com https://www.secure22gw.ro https://www.secure2gw.ro https://www.secure5gw.ro https://www.sofort.com https://www.zaba.hr https://*.jumio.ai https://westdemo.web.amer-1.jumio.ai https://uat.idmission.com https://kyc.idmission.com https://demo.idmission.com/apps/invokeApps https://demo.idmission.com https://api.myinfo.gov.sg https://test.api.myinfo.gov.sg https://app.referralsaasquatch.com https://fast.ssqt.io/* http://ssqt.co https://*.khipu.com https://js.khipu.com https://simpleui-au.vixverify.com https://simpleui-test-au.vixverify.com https://sydney.idscan.cloud https://au.vixverify.com https://test-au.vixverify.com https://prodoz.idscan.cloud https://hosted.mastersoftgroup.com/harmony/ https://auth.idmission.com https://websdk-cdn-dev.idmission.com https://cdn.jsdelivr.net https://storage.googleapis.com https://api.idmission.com https://portal-api.idmission.com 'strict-dynamic' 'unsafe-eval';
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12972499.fls.doubleclick.net
api2.branch.io
app.link
app.upsellit.com
assets.adobedtm.com
bat.bing.com
c.amazon-adsystem.com
cdn.branch.io
cdn.evergage.com
cdn.quantummetric.com
cdn.sift.com
cm.everesttech.net
collector-40051.us.tvsquared.com
connect.facebook.net
content-cdn.com
dpm.demdex.net
identity.mparticle.com
idsync.rlcdn.com
insight.adsrvr.org
jssdkcdns.mparticle.com
jssdks.mparticle.com
mpsnare.iesnare.com
openfpcdn.io
rl.quantummetric.com
s.pinimg.com
siteintercept.qualtrics.com
smetrics.westernunion.com
songbirdstag.cardinalcommerce.com
westernunion.demdex.net
westernunion.evergage.com
ws.audioeye.com
wsv3cdn.audioeye.com
wutest-app.quantummetric.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.mczbf.com
www.upsellit.com
www.westernunion.com
zn8v3mbh5ld4zg5w1-wuvoc.siteintercept.qualtrics.com
www.westernunion.com
104.17.208.240
104.197.114.177
108.138.32.75
142.250.184.198
15.197.193.217
151.101.64.114
176.34.167.98
18.173.187.59
18.218.8.61
208.118.62.69
2600:9000:225b:ec00:16:4ed5:12c0:93a1
2600:9000:237d:c00:19:9934:6a80:93a1
2600:9000:26da:8600:11:f728:3040:93a1
2606:4700:10::6816:34fc
2606:4700:4400::6812:277d
2606:4700:4400::ac40:9483
2606:4700::c6d9:fbfb
2620:1ec:c11::237
2a00:1450:4001:812::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2008
2a02:26f0:3500:587::1e80
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::645
2a04:4e42:600::645
2a04:4e42:8e::84
3.226.124.59
34.117.39.58
34.66.3.160
34.96.67.224
35.244.174.68
52.17.26.1
52.21.2.28
54.170.203.21
54.195.39.4
63.140.62.222
8.43.80.38
95.101.148.37
99.84.88.11
027300466ef20f41eeb2235cdcb3a7982882be0bf59434b3c07ea26cec11b145
04869dd0aed2afc622054d94a65c3c5b49bbf44f71bb30609964166d4d679c49
0657e79f457984c8e07cedb1dd180dfa37d6cb6f62eba2355f7f43b7dff1b886
0924703dedc11aba06b50618755d819568eda6df281858c56f999921f0398032
0a05b5453afedc2aa67051cbefb9994a6043231220a82e505dc1b5867f6f101c
0a187915d115d0a02f7805de98394a704d92f73ce761fd72c7fc2c5e1f940379
0c2b9d4d0fbccc0ba65b71f3f5c958dc6e6486afb7a45fe4fe1ff1f09efd34fa
10ec464febb7b92ed105d94da994f32989ff1d0795c0013460b5e2a7769934f2
195cc1f0bb63e98ba16ab7e41e0e65c6801813f6803ba941ea3e90d089ab0eba
19899ddabb8f22569bfaebded111382a4f889f56339fb8b04d0c68416f4bb197
1b8ad518b32b5554c4186df68d94a8abcf4e42b0d373894111adbbf0f3f0166f
1e17c0ec575a63de5f47ba8830a3862f3349bb604d1f4b583ae5a5f213bf09b6
219946bdbe838453a6f415bbf286192b04d3221fa66e5abf2600176766b56b50
257b06b3cf071ced8eb3407213054b7bc7844dca7662ecfed636f344f2ca1bcf
2bb7f4b985f5fee56c1dfe81d6db89895e3e02b486fdb804d6a232d5c75a1029
32e60ce6e85f31bed4df39d1df1081fa463c360e643aeec9b1cedd42b06afd74
339c311696518bbb0d044e9dd105fc4d9a256828c66880dd1397a8f59ce67d2c
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
3970c9e877104265aa71a09d0b58accadf9f97a47e9634c4cf68be52ad25cd4d
40d2dfdccb07079db54f0ca47ad0af9f0aafba5f7458e532fb4412371d7d482f
4aa8d4422838cec81e3fa4d03ba87516d11594bfb21c49aeb37660f148ae3383
4c3e36b61242d57504d886dd5de0a033ed0964d1c668b791f6867c1124c68524
4d89a2b85a8c5dc1a459daccb792e8ec99dbf61bbaa3a0e85a96a10b83883308
4ea304e6b4007048297160a154e41b3c023be1f3372918b1b011db1b336af3a7
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fdf28314853fd8d26f3f47630675627065b33d3ae41ab4c648bb81f71142eee
53673ab8f2befd49e330fc50edcee2903c2d85a7669c4ef94aebf1e1434a38a0
5567675f8f48424a0d6ef9011128e323909a51d905d3dfd3eed4e305bf94e149
566d7c7de34c6bb823e14e0758476b4e45073d2117ea8b06e9e740dcbfb38076
56ddebf765baaa81a520ac900a5d62c1261bbbe55ec697354f68c989f1564f70
57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905
5cad0209e3e908f5114008b43deadd40996e41c1f952b99ade2454e0b28213f6
5cd0f0a6fa650f230585cc2d16ef811832ddca7d0dc2763835916a068ec4ac1e
5d7837cb1aacfaea50def1ea0d6c004564b79286cd0972bd0ffd0765d5de7b6e
5e789259874521b5b04abc0c6dc2bdbc0a5fb0ca8b4c7c136ce12dd9c9d0158a
5f7f1559e7b5afa461d0362f3c4341efe0caed94b12db49ebc2765a9f18ed58b
64c0d1f4124db3585579dd821c985412711c55aa6b5a8fc203b9b8ced9c9325d
673705a57a02153606a907a7b7fa0f180bfec9375eb52b787be6b0a60ec13c65
6e580e81fe25b4b2220f909df05ec7cd342cb5dbed8082dc0ae25c25ba3a4068
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6fbc85b88b06d97a584204dcbb5aba1b876eba7c0c37f168856cbb51468cdc0d
72e7491e1dc8a44ffde82aa362db649a01ba6e4f6c5b83e7f0d34556b0d9747b
735edc9037456a256821718a84daf06470f00051642113aa7e68b0692e48f62e
773476fc4041f913eb57d338efa749e0c2b63828f086c83da65c3d3aeb51fa73
782fc8ec0693482ad1a81298df36d9339158f68750b28850d52a86bd3475b6f0
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8798e1e2016ec9c6e5508729c81178fd8e0a1eeb18f5b7a457bf02512d8c6ce1
87d42d270f9dcb7c030c0d531c3556b95fb4dac1a5c337cb796f356c95eac0b0
89697b385e354cf8f4549262f639838b946c668021628dc51bdb83e8357bf6ac
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e36bf8d255a4005a48f8ac4195c59194ddc1b1d57d1258776c871aa8a3caefe
8fbe342adbdff73a5b3ce23bc7cf241b9d68c05ce72979cd086f0dba5a817f26
910c61ad5012c15c0c0158c4cf4469cfd65c338f7032b7dc8d8ca33d7e60b29a
93b6de4f3187b80031b1e24fa8124a51c0fb17b5b16755b183cf757bc13084d9
98bc8d2ab3fcba4ad61c8394c02055d5b69c12eaf380c263b3f7f4ed08597360
9b1802b7a35571c0ef8c3d0ea62513b335d0aba58de66185f3b03edbcb79e991
9e817ad5553c9b855980839e95d34a98b0d04c0b9da9b8aac18f10b1a3c10cd1
9e8dffd9fac562039dea6f4e9e948cf1e93d03e3b4fafb0d88d2401966599698
a0aba9da52b8e369fa01078c3b7066538ac7e29648c6f90d593b44806acb27aa
a1a71fe53a8e24bc11d300d9bbff86b60c6ce34c4f667b9cf9cde2febbd34f4c
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a61c5e23197b23151b277fb52588e7c5dc2d9ece10e9b721e3acd01d2f7570a4
ab67beed7e00d9138cbcf786f2e4efffeacc584e3763101827f67ee589d0567e
ad86fb1e7c6f08f6366eeb2f2a973673b0433a1cd66fee4923eaa29fee3d729f
b0e09330bb1d551692f2c95ef979fec6a549bb80c2736ebb78ee994091898d94
b33352bbefc8deccbbe5bb20f3b656438dd3e4092cf41a636c9daa32e40aab49
b34c9f79ad56bfbe93d432f5207187ddebe9b539428607a3893404966a5aa995
b68efccae861d874c91f6607e469061f716801e4b3849e0e2cde0dc1b60ee9a6
bb00afb3a406c3166e5b64bc72477efe5c2e60363c26c6dc0ddbc4805c1c978a
bb749d5e339e1e7bdfc6c56f956dffba83ba99d6825d6bf7816c622238ecab9d
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
c296b44d3a18bbc7103ac9eb06250d36356dc016b0bad4a2cc97d006eb40e83c
c2c5154bf991fa2731344da66f42e9fc8dabbd037c96839c4eb11f0ac0d4f0f0
c3515e31c3fd9db9136263199a6277079be29d1f9fe1f0ada17dc74e861c8362
c3647e98bde2af4876ab503a3840d7e7f6d9116b6bcb35a4eeec30086d600510
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c4eba59ed4342c130bb5d6ebf9d415716996f9da8f0848fe32a51656170ccfcd
d0989ea16866718f66395429e83f2227c717caa49058d28eed25d870d23936a3
d143921c554b3a5b83d01e92e87eecb5afe83c9f6126cabe1e144bc57e5480e0
d5f803c89020a9e7ab3091e2ba6cdfbc21532a0fdedc0c2bc896bf57e6e19f6f
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
e074ce4c38e250c86103bb47ea5759e41e6d82bdac918a80212191501a06c839
e2d9c8180f77127bccc0ea42fe06e0d880414ca38ff2204a5b64e5a4bb5cbbe8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56494297b827a1590d3f965ddd72511687e407120998b296beab3df600894d0
e9e5ef2d50873aa335885fb1cd6058749fbd4cc38d3ef95058d8d14e520d9134
ea13a2f47c99087dec4d5183513c3081f3d22b9f2f5547f17aab997f532893b8
eaa59773025b698c2a2b1d249e0d0824c1dc58f912475bec23d7a7ea70d372f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef39442ab0343e9634a309c3869644e17bca185dfcd6a7cb949b0e862541de12
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
fc90e6ed9b1462aadfe1a9d3150d3c07921930ea8276f4fa1a484913df002d44
fe8ccb3fd712e6a9594fab7b1de692bb0dfa7857e4b330bb7a67faea755b2f8c
fec64419d338779fb8f45a0c2a925e2e644109e75059e128d98301d14ea9864b
ff5a774c9a9a5b8f1d287a578f136cc35f2f4ea256842908e42692ff0b11311f
ff8e9663d74c9eb3e27f9aad666b360449fa6fde945c9bdf5a3510d4e15a846e