ionian-seasoned-spring.glitch.me Open in urlscan Pro
18.232.230.162  Malicious Activity! Public Scan

URL: https://ionian-seasoned-spring.glitch.me//
Submission: On September 15 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 28 HTTP transactions. The main IP is 18.232.230.162, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ionian-seasoned-spring.glitch.me.
TLS certificate: Issued by Amazon on February 1st 2022. Valid for: a year.
This is the only time ionian-seasoned-spring.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Western Union (Banking)

Domain & IP information

IP Address AS Autonomous System
21 18.232.230.162 14618 (AMAZON-AES)
5 104.103.94.75 16625 (AKAMAI-AS)
1 2a02:26f0:ea:... 20940 (AKAMAI-ASN1)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
28 4
Apex Domain
Subdomains
Transfer
21 glitch.me
ionian-seasoned-spring.glitch.me
474 KB
5 westernunion.com
www.westernunion.com — Cisco Umbrella Rank: 100982
222 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1280
c.go-mpulse.net — Cisco Umbrella Rank: 599
50 KB
28 3
Domain Requested by
21 ionian-seasoned-spring.glitch.me ionian-seasoned-spring.glitch.me
5 www.westernunion.com ionian-seasoned-spring.glitch.me
www.westernunion.com
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net ionian-seasoned-spring.glitch.me
28 4
Subject Issuer Validity Valid
glitch.com
Amazon
2022-02-01 -
2023-03-02
a year crt.sh
www.westernunion.com
GeoTrust RSA CA 2018
2022-07-01 -
2023-07-01
a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-15 -
2023-04-19
a year crt.sh

This page contains 1 frames:

Primary Page: https://ionian-seasoned-spring.glitch.me//
Frame ID: D01162AD8AE6C6279FFD53BB379498BC
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

Log In with Western Union in the United States

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/
  • /etc/clientlibs/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

745 kB
Transfer

1572 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ionian-seasoned-spring.glitch.me//
458 KB
459 KB
Document
General
Full URL
https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f0a89d727d3b7e0e44cb7b84d320d0f6cf91b6154a19e70ef1b33e08fc9398f4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
469364
content-type
text/html; charset=utf-8
date
Thu, 15 Sep 2022 13:38:36 GMT
etag
"b5eabfb901736e9a327f0d96cef759c9"
last-modified
Fri, 22 Jul 2022 18:37:59 GMT
server
AmazonS3
x-amz-id-2
ix3NHP8Xkupz0h0QXikqcG1FV9yzPSlC6PrMeyoOZ/cW8VXH4jiIjwMmTpnb7ycjEuploZ1Wumo=
x-amz-request-id
PT28Q74W7MYM5HX7
x-amz-version-id
DPRK1sOjhjt4rRDOf0bkTh9IwsLm7AkZ
wu_common.js
ionian-seasoned-spring.glitch.me/etc/clientlibs/westernunion/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/etc/clientlibs/westernunion/wu_common.js
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:36 GMT
cache-control
max-age=0
content-length
3672
OpenSans-Light.woff2
ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/
0
0
Font
General
Full URL
https://ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/OpenSans-Light.woff2
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ionian-seasoned-spring.glitch.me//
Origin
https://ionian-seasoned-spring.glitch.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:36 GMT
cache-control
max-age=0
content-length
3672
OpenSans-Semibold.woff2
ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/
0
0
Font
General
Full URL
https://ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/OpenSans-Semibold.woff2
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ionian-seasoned-spring.glitch.me//
Origin
https://ionian-seasoned-spring.glitch.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:36 GMT
cache-control
max-age=0
content-length
3672
OpenSans-Regular.woff2
ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/
0
0
Font
General
Full URL
https://ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/OpenSans-Regular.woff2
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ionian-seasoned-spring.glitch.me//
Origin
https://ionian-seasoned-spring.glitch.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:36 GMT
cache-control
max-age=0
content-length
3672
styles.81914088503d01a6205d.css
ionian-seasoned-spring.glitch.me/serverless/
0
0
Stylesheet
General
Full URL
https://ionian-seasoned-spring.glitch.me/serverless/styles.81914088503d01a6205d.css
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:36 GMT
cache-control
max-age=0
content-length
3672
responsive_css.min.css
www.westernunion.com/content/wucom/dist/39.0.0.1cbcd6e7/css/
822 KB
150 KB
Stylesheet
General
Full URL
https://www.westernunion.com/content/wucom/dist/39.0.0.1cbcd6e7/css/responsive_css.min.css
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.94.75 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-94-75.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a46e06ddde8f2139aa65930cc14e9d55221d5e81a32a6b621dc3c7a11d38343a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
114, 114
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
etag
"cd710-5e89d01cf3ee6-gzip"
x-edgeconnect-midmile-rtt
19, 36
server-timing
cdn-cache; desc=MISS, edge; dur=157, origin; dur=114, dtSInfo;desc="0", dtRpid;desc="69975200"
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 06:12:01 GMT
server
Apache
x-frame-options
SAMEORIGIN
date
Thu, 15 Sep 2022 13:38:36 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 15 Oct 2022 13:38:36 GMT
ruxitagentjs_ICA27Vfghjqrux_10243220606153550.js
ionian-seasoned-spring.glitch.me/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/ruxitagentjs_ICA27Vfghjqrux_10243220606153550.js
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:36 GMT
cache-control
max-age=0
content-length
3672
27ad8d6d
www.westernunion.com/akam/13/
0
0
Script
General
Full URL
https://www.westernunion.com/akam/13/27ad8d6d
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.94.75 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-94-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 13:38:37 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
server-timing
cdn-cache; desc=HIT, edge; dur=1
access-control-allow-headers
*
content-length
9
x-akam-sw-version
0.5.0
expires
Thu, 15 Sep 2022 13:38:37 GMT
logo.wu.big.svg
www.westernunion.com/content/dam/wu/logo/
4 KB
3 KB
Image
General
Full URL
https://www.westernunion.com/content/dam/wu/logo/logo.wu.big.svg
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.94.75 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-94-75.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a429e88fb3c60ba945bd70230f4b38c857342b15a7f1934f868c5f830eca7255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
etag
"b879b2ff8075ba5cb35cc88080311fdb-gzip"
x-amz-cf-pop
ORD58-P5
x-amz-server-side-encryption
AES256
access-control-max-age
86400
server-timing
cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-1750903985"
content-length
1962
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 04:09:11 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Thu, 15 Sep 2022 13:38:37 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
RwQqWmFWhHAS6W4r5UFugAdc3XL9qy1hjFTZIJHqFu20JUwr_o_r6A==
expires
Fri, 15 Sep 2023 13:38:37 GMT
icon-sm-facebook.png
ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/
4 KB
4 KB
Image
General
Full URL
https://ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/icon-sm-facebook.png
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash
39636ae7f7de3deacfe55d573d85d1bb5c349440065b16e573e5e3c62a0e3fb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
icon-sm-youtube.png
ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/
4 KB
4 KB
Image
General
Full URL
https://ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/icon-sm-youtube.png
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash
39636ae7f7de3deacfe55d573d85d1bb5c349440065b16e573e5e3c62a0e3fb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
icon-sm-instagram.png
ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/
4 KB
4 KB
Image
General
Full URL
https://ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/icon-sm-instagram.png
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash
39636ae7f7de3deacfe55d573d85d1bb5c349440065b16e573e5e3c62a0e3fb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
icon-sm-twitter.png
ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/
4 KB
4 KB
Image
General
Full URL
https://ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/icon-sm-twitter.png
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash
39636ae7f7de3deacfe55d573d85d1bb5c349440065b16e573e5e3c62a0e3fb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
loader_only.js
ionian-seasoned-spring.glitch.me/serverless/assets/vendor/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/serverless/assets/vendor/loader_only.js
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
jquery-1.11.2.min.js
ionian-seasoned-spring.glitch.me/serverless/assets/vendor/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/serverless/assets/vendor/jquery-1.11.2.min.js
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:36 GMT
cache-control
max-age=0
content-length
3672
bootstrap-3.4.0.min.js
ionian-seasoned-spring.glitch.me/serverless/assets/vendor/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/serverless/assets/vendor/bootstrap-3.4.0.min.js
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
WUAnalyticEventCapture.js
ionian-seasoned-spring.glitch.me/serverless/assets/vendor/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/serverless/assets/vendor/WUAnalyticEventCapture.js
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
util.js
ionian-seasoned-spring.glitch.me/serverless/assets/vendor/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/serverless/assets/vendor/util.js
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
runtime.cc78cd61576d7c0ab7f7.js
ionian-seasoned-spring.glitch.me/serverless/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/serverless/runtime.cc78cd61576d7c0ab7f7.js
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
polyfills.f80b1d2500b8b49f5d26.js
ionian-seasoned-spring.glitch.me/serverless/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/serverless/polyfills.f80b1d2500b8b49f5d26.js
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
vendor.585816a00162df7a4c36.js
ionian-seasoned-spring.glitch.me/serverless/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/serverless/vendor.585816a00162df7a4c36.js
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
main.16babbe17d6a9112cddb.js
ionian-seasoned-spring.glitch.me/serverless/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/serverless/main.16babbe17d6a9112cddb.js
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
h0mBgY
ionian-seasoned-spring.glitch.me/xDpP0YVd6LcU-4YRJZOCj3Ah/DO7XJpiShiEu/KU9gNQMC/RBB0e/
0
0
Script
General
Full URL
https://ionian-seasoned-spring.glitch.me/xDpP0YVd6LcU-4YRJZOCj3Ah/DO7XJpiShiEu/KU9gNQMC/RBB0e/h0mBgY
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-162.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
cache-control
max-age=0
content-length
3672
T8GD4-PXVWR-9MW97-GAT7V-FQG35
s.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/T8GD4-PXVWR-9MW97-GAT7V-FQG35
Requested by
Host: ionian-seasoned-spring.glitch.me
URL: https://ionian-seasoned-spring.glitch.me//
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:492::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:37 GMT
content-encoding
br
last-modified
Wed, 03 Aug 2022 16:16:24 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
OpenSans-Light.woff2
www.westernunion.com/etc/designs/westernunion/optimus/fonts/
50 KB
51 KB
Font
General
Full URL
https://www.westernunion.com/etc/designs/westernunion/optimus/fonts/OpenSans-Light.woff2
Requested by
Host: www.westernunion.com
URL: https://www.westernunion.com/content/wucom/dist/39.0.0.1cbcd6e7/css/responsive_css.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.94.75 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-94-75.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bbbac54860d140091bdb87a4149d18962a2ce0de41f582fc28473a78c20858da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.westernunion.com/content/wucom/dist/39.0.0.1cbcd6e7/css/responsive_css.min.css
Origin
https://ionian-seasoned-spring.glitch.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
etag
"c864-5e8991e4229aa-gzip:dtagent10247220811100421WV+s"
server-timing
cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-584184654"
vary
Accept-Encoding
content-length
51223
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 01:33:37 GMT
server
Apache
x-frame-options
SAMEORIGIN
date
Thu, 15 Sep 2022 13:38:37 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 15 Oct 2022 13:38:37 GMT
glyphicons-halflings-regular.woff2
www.westernunion.com/etc/designs/westernunion/responsive_css/fonts/
18 KB
19 KB
Font
General
Full URL
https://www.westernunion.com/etc/designs/westernunion/responsive_css/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.westernunion.com
URL: https://www.westernunion.com/content/wucom/dist/39.0.0.1cbcd6e7/css/responsive_css.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.94.75 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-94-75.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.westernunion.com/content/wucom/dist/39.0.0.1cbcd6e7/css/responsive_css.min.css
Origin
https://ionian-seasoned-spring.glitch.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
etag
"466c-5e8999f9e5148-gzip:dtagent10247220811100421WV+s"
server-timing
cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="1710237902", dtTao;desc="1"
vary
Accept-Encoding
content-length
18030
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 02:09:48 GMT
server
Apache
x-frame-options
SAMEORIGIN
date
Thu, 15 Sep 2022 13:38:37 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
expires
Sat, 15 Oct 2022 13:38:37 GMT
config.json
c.go-mpulse.net/api/
68 B
346 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=T8GD4-PXVWR-9MW97-GAT7V-FQG35&d=ionian-seasoned-spring.glitch.me&t=5544164&v=1.720.0&sl=0&si=4fac309c-6087-44dc-83af-c4888916dfeb-ri978c&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=188342
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/T8GD4-PXVWR-9MW97-GAT7V-FQG35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:594::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ionian-seasoned-spring.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 15 Sep 2022 13:38:37 GMT
Cache-Control
public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
68
Content-Type
application/json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Western Union (Banking)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| akamServiceWorkerInvoked function| aka3pmLog string| io_global_object_name object| IGLOO object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| bazadebezolkohpepadr object| countryConfig function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression number| BOOMR_onload

0 Cookies

27 Console Messages

Source Level URL
Text
network error URL: https://ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/OpenSans-Light.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/OpenSans-Regular.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/etc/clientlibs/westernunion/wu_common.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/OpenSans-Semibold.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://ionian-seasoned-spring.glitch.me//(Line 41)
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://ionian-seasoned-spring.glitch.me/serverless/styles.81914088503d01a6205d.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/ruxitagentjs_ICA27Vfghjqrux_10243220606153550.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/serverless/assets/vendor/jquery-1.11.2.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/serverless/assets/vendor/bootstrap-3.4.0.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/xDpP0YVd6LcU-4YRJZOCj3Ah/DO7XJpiShiEu/KU9gNQMC/RBB0e/h0mBgY
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.westernunion.com/akam/13/27ad8d6d
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/icon-sm-facebook.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/icon-sm-instagram.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/icon-sm-twitter.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/serverless/assets/vendor/WUAnalyticEventCapture.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/content/dam/wu/responsive/icon-sm-youtube.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/serverless/polyfills.f80b1d2500b8b49f5d26.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/serverless/assets/vendor/util.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/serverless/vendor.585816a00162df7a4c36.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/serverless/main.16babbe17d6a9112cddb.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/serverless/assets/vendor/loader_only.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ionian-seasoned-spring.glitch.me/serverless/runtime.cc78cd61576d7c0ab7f7.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://c.go-mpulse.net/api/config.json?key=T8GD4-PXVWR-9MW97-GAT7V-FQG35&d=ionian-seasoned-spring.glitch.me&t=5544164&v=1.720.0&sl=0&si=4fac309c-6087-44dc-83af-c4888916dfeb-ri978c&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=188342
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
javascript warning URL: https://ionian-seasoned-spring.glitch.me//
Message:
The resource https://ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/OpenSans-Regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://ionian-seasoned-spring.glitch.me//
Message:
The resource https://ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/OpenSans-Light.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://ionian-seasoned-spring.glitch.me//
Message:
The resource https://ionian-seasoned-spring.glitch.me/etc/designs/westernunion/optimus/fonts/OpenSans-Semibold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.