urlscan.io logo urlscan.io
SecurityTrails logo

exc.hr Open in urlscan Pro
178.218.163.202  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.westernunion.exchange.hr/
Effective URL: https://exc.hr/hr/western-union/
Submission: On April 09 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 43 HTTP transactions. The main IP is 178.218.163.202, located in Zagreb, Croatia and belongs to SEDMIODJEL-AS, HR. The main domain is exc.hr.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 6th 2020. Valid for: 3 months.
This is the only time exc.hr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

27    178.218.163.202 (Zagreb, Croatia)

ASN198785 (SEDMIODJEL-AS, HR)
PTR: vps-exchange.infonet.hr
www.westernunion.exchange.hr
www.exc.hr
exc.hr
1    2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a03:2880:f22d:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)
scontent.cdninstagram.com
2    2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
24 exc.hr exc.hr
8 scontent.cdninstagram.com exc.hr
2 www.facebook.com
2 connect.facebook.net exc.hr
connect.facebook.net
2 www.google-analytics.com exc.hr
2 www.google.com exc.hr
www.gstatic.com
2 www.exc.hr 2 redirects
1 www.gstatic.com www.google.com
1 fonts.gstatic.com exc.hr
1 fonts.googleapis.com exc.hr
1 www.westernunion.exchange.hr 1 redirects
43 11

This site contains links to these domains. Also see Links.

Domain
exc.rs
exc.ba
www.facebook.com
www.instagram.com
exclusive.hu
wordpress.org
Subject Issuer Validity Valid
exc.hr
cPanel, Inc. Certification Authority		 2020-02-06 -
2020-05-06		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.instagram.com
DigiCert SHA2 High Assurance Server CA		 2020-03-22 -
2020-06-20		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-03-01 -
2020-05-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://exc.hr/hr/western-union/
Frame ID: 9A1F1F0086A5C2F173E6C7018C12A0BD
Requests: 42 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFV5QUAAAAALmClJmgwNA9MQQ0ZW-WhnifLua6&co=aHR0cHM6Ly9leGMuaHI6NDQz&hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&size=invisible&cb=1ywl0td4joid
Frame ID: FC560F90C9F89922A92FBD36E16F64FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.westernunion.exchange.hr/ HTTP 302
    http://www.exc.hr/hr/western-union HTTP 302
    https://www.exc.hr/hr/western-union HTTP 301
    https://exc.hr/hr/western-union/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

43
Requests

100 %
HTTPS

89 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

1607 kB
Transfer

4881 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.westernunion.exchange.hr/ HTTP 302
    http://www.exc.hr/hr/western-union HTTP 302
    https://www.exc.hr/hr/western-union HTTP 301
    https://exc.hr/hr/western-union/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
exc.hr/hr/western-union/
Redirect Chain
  • https://www.westernunion.exchange.hr/
  • http://www.exc.hr/hr/western-union
  • https://www.exc.hr/hr/western-union
  • https://exc.hr/hr/western-union/
71 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
65a6036fc4e1ded4f751baf582a7546cb9fce08a36b75d93ed18c87c6950f686

Request headers

Host
exc.hr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Server
Apache
Vary
Accept-Encoding,Cookie
Cache-Control
max-age=3, must-revalidate
Content-Encoding
gzip
Content-Length
15163
Content-Type
text/html; charset=UTF-8
Set-Cookie
PH_HPXY_CHECK=s1; path=/
Cache-control
private

Redirect headers

Date
Thu, 09 Apr 2020 22:17:13 GMT
Server
Apache
Vary
Accept-Encoding,Cookie
Expires
Thu, 09 Apr 2020 23:17:15 GMT
Cache-Control
max-age=3600
X-Redirect-By
WordPress
Location
https://exc.hr/hr/western-union/
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
autoptimize_1d46d5741d2171f6c8bbbec2a7493059.css
exc.hr/wp-content/cache/autoptimize/css/ 		2 MB
213 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://exc.hr/wp-content/cache/autoptimize/css/autoptimize_1d46d5741d2171f6c8bbbec2a7493059.css
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
31fd424fd03165657a74669ce515e8d1b60ca2141e76b978cb0993a05dfc0e18

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Mar 2020 08:54:52 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=30672000, public, immutable
Transfer-Encoding
chunked
Accept-Ranges
bytes
Expires
Tue, 30 Mar 2021 22:17:16 GMT
css
fonts.googleapis.com/ 		50 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMarck+Script%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMarck+Script%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac2dbb071e15a0fdf69d3b0dee994e8d5803185729b70fbe209613b4676c00fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Apr 2020 22:17:16 GMT
server
ESF
date
Thu, 09 Apr 2020 22:17:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Apr 2020 22:17:16 GMT
jquery.js
exc.hr/wp-includes/js/jquery/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exc.hr/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Tue, 21 May 2019 23:58:39 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
96873
Content-Type
application/javascript
Croatia.png
exc.hr/wp-content/uploads/flags/ 		439 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/uploads/flags/Croatia.png
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
4f386b580cbb7d2f2541fde02e54a7673a04f1705ca439bb08e8db4f6d99ba1d

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Tue, 12 Feb 2019 14:27:53 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
439
Content-Type
image/png
United-Kingdom.png
exc.hr/wp-content/uploads/flags/ 		628 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/uploads/flags/United-Kingdom.png
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
a174b87ddb5291ebb5c5872143dcfaf9d8d92de890f7b772d113a586e8f85077

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Tue, 12 Feb 2019 14:27:53 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
628
Content-Type
image/png
logo-retina-dark-464646.png
exc.hr/wp-content/uploads/2018/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/uploads/2018/08/logo-retina-dark-464646.png
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
efa9d59fcd95562bb514e25234f0af5d523b6016b09527a79e75d34f13dd1395

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Tue, 12 Feb 2019 14:57:27 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
25355
Content-Type
image/png
logo-retina-light.png
exc.hr/wp-content/uploads/2018/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/uploads/2018/08/logo-retina-light.png
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
219c420ab5756e4d61e3168e64f4454d4baac6825e66b7b6218092cedb769a94

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Tue, 12 Feb 2019 14:57:29 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
25106
Content-Type
image/png
logo-retina-dark.png
exc.hr/wp-content/uploads/2018/08/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/uploads/2018/08/logo-retina-dark.png
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
75fbcbc0348541b960984e30f0a5e6f5439d87d7a699ad167f133ce92be051cf

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Tue, 12 Feb 2019 14:57:28 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
24663
Content-Type
image/png
parallax-home-opt.jpg
exc.hr/wp-content/uploads/2019/05/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/uploads/2019/05/parallax-home-opt.jpg
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
702156e18de0a55f24a7936616081ca80018f6f06065afa21b0e9f2d7d0713bb

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Wed, 15 May 2019 10:32:56 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
135164
Content-Type
image/jpeg
wu_logo_mmfb_highres_0_copy-300x69.jpg
exc.hr/wp-content/uploads/2018/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/uploads/2018/08/wu_logo_mmfb_highres_0_copy-300x69.jpg
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
562d16e86e598cd9e86a470afa2787c30c417bf7c838a8aaddd404287d5a2ab0

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Tue, 12 Feb 2019 14:58:09 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
7759
Content-Type
image/jpeg
356946909-Intra-pricing-Croatia-OOH-1080x1080px-1024x1024.jpg
exc.hr/wp-content/uploads/2019/07/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/uploads/2019/07/356946909-Intra-pricing-Croatia-OOH-1080x1080px-1024x1024.jpg
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
a841d944adba277ab7eddf81ee4ed2aa787f1f254c4749b72db67e191330ce5c

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Fri, 19 Jul 2019 11:23:40 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
77676
Content-Type
image/jpeg
82339166_624667791667065_3406839517280823633_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/82339166_624667791667065_3406839517280823633_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=uVqzeXGyPEoAX9P0y3m&oh=dd075fbbec5eca37897c7a45a6df4cb7&oe=5EB987D4
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad3ef27e82b593d239f54b4db58a3d7ad4f9d288afcf3b3aa5f2a30ffd984a38

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-haystack-needlechecksum
1338099560
date
Thu, 09 Apr 2020 22:17:16 GMT, Thu, 09 Apr 2020 22:17:16 GMT
x-fb-trip-id
2050670934
last-modified
Mon, 20 Jan 2020 17:58:45 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
1612546172
x-fb-config-version-olb-prod
794
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
6058
81251698_167768004576731_6168597049146749348_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/81251698_167768004576731_6168597049146749348_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=23HrpoG3vmYAX97msUA&oh=892773fef54a0742fe3d7f4fef96c6ee&oe=5EBA3625
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6abbb375098aa54723ca7849e8f7e0467ff709be7c3dd3cc2b53f0b1223f2535

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-haystack-needlechecksum
1816926934
date
Thu, 09 Apr 2020 22:17:16 GMT, Thu, 09 Apr 2020 22:17:16 GMT
x-fb-trip-id
2050670934
last-modified
Sat, 11 Jan 2020 10:52:13 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
4070251193
x-fb-config-version-olb-prod
794
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
9489
79523636_123311952153050_3395704152101386712_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/79523636_123311952153050_3395704152101386712_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=u-IxKZAeu-IAX_-9k0N&oh=35946c891c214883e2751c2937851c6d&oe=5EB815B0
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70e56bd7298099e764b3ad3d5d9fce89ca2f486206e880a6bf37a34683595668

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-haystack-needlechecksum
1543052554
date
Thu, 09 Apr 2020 22:17:16 GMT, Thu, 09 Apr 2020 22:17:16 GMT
x-fb-trip-id
2050670934
last-modified
Thu, 02 Jan 2020 12:43:48 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
3827997879
x-fb-config-version-olb-prod
794
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
9192
80703289_519335525458500_1993160569738071881_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/80703289_519335525458500_1993160569738071881_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=gPOKZFYbEX0AX8IKiH5&oh=dd6b54186af76a78396a1939ea46b97f&oe=5EB7B63A
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d841ca04aedf8bfabb00e6bdd3b7e9b5f4414dcf54a2234070864ec6b2a00824

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-haystack-needlechecksum
2289237289
date
Thu, 09 Apr 2020 22:17:16 GMT, Thu, 09 Apr 2020 22:17:16 GMT
x-fb-trip-id
2050670934
last-modified
Tue, 31 Dec 2019 20:27:26 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
629134764
x-fb-config-version-olb-prod
794
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
8173
79369505_472602056732383_7420761815351997605_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/79369505_472602056732383_7420761815351997605_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=uj0tOBuaJtgAX-CP-go&oh=f3f32eb1d347ca4797e1a4764864e083&oe=5EBA3F50
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fa82384c41ad7f6999ffe9de2da49db3b457e82d66352e8ca8880038408e3c7

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-haystack-needlechecksum
3986998737
date
Thu, 09 Apr 2020 22:17:16 GMT, Thu, 09 Apr 2020 22:17:16 GMT
x-fb-trip-id
2050670934
last-modified
Tue, 24 Dec 2019 08:24:52 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
144377642
x-fb-config-version-olb-prod
794
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
9556
76989826_2739106606203905_842067980178134701_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/e35/s150x150/76989826_2739106606203905_842067980178134701_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=WydabU2ik0IAX92pn-D&oh=e7c74ad155a6258eb14cc49567717e3b&oe=5EB836D8
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8c436596190d7d1ff1b1374ede2e8229ebb2b0e2984408e77e7e40fbd9f1d7f7

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-haystack-needlechecksum
1905576499
date
Thu, 09 Apr 2020 22:17:16 GMT, Thu, 09 Apr 2020 22:17:16 GMT
x-fb-trip-id
2050670934
last-modified
Mon, 23 Dec 2019 08:57:56 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
1289274489
x-fb-config-version-olb-prod
794
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
8268
72548033_830626354054257_5570066675277026996_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/e15/s150x150/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/e15/s150x150/72548033_830626354054257_5570066675277026996_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=jEhs4mBszLwAX90ixE7&oh=c4f40553beb736a63e843b5b04dd6953&oe=5EB7C060
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
53bf96bf01f6f06d1aef8e30e1fad079952cf14ba57b4765c95534ead9024f9e

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-haystack-needlechecksum
2794245247
date
Thu, 09 Apr 2020 22:17:16 GMT, Thu, 09 Apr 2020 22:17:16 GMT
x-fb-trip-id
2050670934
last-modified
Mon, 16 Dec 2019 14:24:23 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
400646589
x-fb-config-version-olb-prod
794
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
5936
75341388_576163913185685_4033076493525338492_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/e15/s150x150/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/e15/s150x150/75341388_576163913185685_4033076493525338492_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=Cfi7bLMOPtgAX9tjGwO&oh=205dd6ba1a24f55b43bb1be1ef85dbab&oe=5EB75993
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
427c0a0597196ae2141840545a52f5ba9941aa09e6817b050f18627a5b06ab64

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-haystack-needlechecksum
2454085569
date
Thu, 09 Apr 2020 22:17:16 GMT, Thu, 09 Apr 2020 22:17:16 GMT
x-fb-trip-id
2050670934
last-modified
Wed, 11 Dec 2019 16:05:40 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
1063159968
x-fb-config-version-olb-prod
794
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=3600
content-length
6563
logo-retina-alt.png
exc.hr/wp-content/uploads/2018/08/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/uploads/2018/08/logo-retina-alt.png
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
e84a1ae51862afd0f4c18792f2fde9aff49f964bc2e3e1dfccfaad524d796965

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Tue, 12 Feb 2019 14:57:26 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
27362
Content-Type
image/png
api.js
www.google.com/recaptcha/ 		708 B
572 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdFV5QUAAAAALmClJmgwNA9MQQ0ZW-WhnifLua6&ver=3.0
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dff3db5db24ce619e9f25471fbf9277141bcc555c3f1b81fda23316f9940c3e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 22:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
478
x-xss-protection
1; mode=block
expires
Thu, 09 Apr 2020 22:17:16 GMT
logo-retina-alt-dark.png
exc.hr/wp-content/uploads/2019/03/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/uploads/2019/03/logo-retina-alt-dark.png
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
d1daea22a967ec20687ea3de3b693f48ec8d9209309fa19cfd01d802816f5090

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Fri, 01 Mar 2019 11:08:12 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
26867
Content-Type
image/png
autoptimize_07cc1f8e325a24ef16b243e24679af12.js
exc.hr/wp-content/cache/autoptimize/js/ 		1 MB
358 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exc.hr/wp-content/cache/autoptimize/js/autoptimize_07cc1f8e325a24ef16b243e24679af12.js
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
fbaeb94958b7f1455515b108e78b56348549b2623cb55fe3525beb9a3cc34ec4

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Mar 2020 08:54:52 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=30672000, public, immutable
Transfer-Encoding
chunked
Accept-Ranges
bytes
Expires
Tue, 30 Mar 2021 22:17:16 GMT
style.css
exc.hr/wp-content/themes/moose/ 		507 B
692 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://exc.hr/wp-content/themes/moose/style.css
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
cdcfc5d9b66e377aede0d4778f8c08b589d7c663f7f8a81b18f6e24ae909111c

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Wed, 13 Feb 2019 09:55:16 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
507
Content-Type
text/css
wp-emoji-release.min.js
exc.hr/wp-includes/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exc.hr/wp-includes/js/wp-emoji-release.min.js?ver=5.2.5
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Tue, 21 May 2019 09:19:09 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
13840
Content-Type
application/javascript
ElegantIcons.woff
exc.hr/wp-content/themes/moose/css/elegant-icons/fonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://exc.hr/wp-content/themes/moose/css/elegant-icons/fonts/ElegantIcons.woff
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

Referer
https://exc.hr/wp-content/cache/autoptimize/css/autoptimize_1d46d5741d2171f6c8bbbec2a7493059.css
Origin
https://exc.hr
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Wed, 13 Feb 2019 09:55:16 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
63664
Content-Type
font/woff
Simple-Line-Icons.woff
exc.hr/wp-content/themes/moose/css/simple-line-icons/fonts/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://exc.hr/wp-content/themes/moose/css/simple-line-icons/fonts/Simple-Line-Icons.woff
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
357af00e9f4081d40ba58b92be04ca240a1ce6dee7f8b83461f0922a56e8c4b7

Request headers

Referer
https://exc.hr/wp-content/cache/autoptimize/css/autoptimize_1d46d5741d2171f6c8bbbec2a7493059.css
Origin
https://exc.hr
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Wed, 13 Feb 2019 09:55:16 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
59324
Content-Type
font/woff
fontawesome-webfont.woff2
exc.hr/wp-content/themes/moose/css/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://exc.hr/wp-content/themes/moose/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://exc.hr/wp-content/cache/autoptimize/css/autoptimize_1d46d5741d2171f6c8bbbec2a7493059.css
Origin
https://exc.hr
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Wed, 13 Feb 2019 09:55:16 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
77160
Content-Type
font/woff2
preload_pattern.png
exc.hr/wp-content/uploads/2019/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/uploads/2019/01/preload_pattern.png
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
b24d3226d43a1589d671c5b81d358f9caf3e53387905ff15fd0575f8739cb15a

Request headers

Referer
https://exc.hr/wp-content/cache/autoptimize/css/autoptimize_1d46d5741d2171f6c8bbbec2a7493059.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:16 GMT
Last-Modified
Tue, 12 Feb 2019 15:02:37 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
2609
Content-Type
image/png
1Ptrg8zYS_SKggPNwIouWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwIouWqZPANqczVs.woff2
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d1a48d4eaa4b3accebbc72b3c7f2577bf662a409a79c8cc9cc9db6e13bb7b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Raleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMarck+Script%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMarck+Script%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0
Origin
https://exc.hr
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 20:24:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:41 GMT
server
sffe
age
2598790
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13132
x-xss-protection
0
expires
Wed, 10 Mar 2021 20:24:06 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/NjSCg_IbX1Pdc6A9cf-rvw4e/ 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/NjSCg_IbX1Pdc6A9cf-rvw4e/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdFV5QUAAAAALmClJmgwNA9MQQ0ZW-WhnifLua6&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9c35c6377a52093f4c4f766b5c528106835a654c31b3bba5015d79826633441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 16:37:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Apr 2020 04:05:21 GMT
server
sffe
age
279613
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
94421
x-xss-protection
0
expires
Tue, 06 Apr 2021 16:37:03 GMT
anchor
www.google.com/recaptcha/api2/ Frame FC56 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFV5QUAAAAALmClJmgwNA9MQQ0ZW-WhnifLua6&co=aHR0cHM6Ly9leGMuaHI6NDQz&hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&size=invisible&cb=1ywl0td4joid
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NjSCg_IbX1Pdc6A9cf-rvw4e/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RMERbQbzUmgNWRXMR9o+jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdFV5QUAAAAALmClJmgwNA9MQQ0ZW-WhnifLua6&co=aHR0cHM6Ly9leGMuaHI6NDQz&hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&size=invisible&cb=1ywl0td4joid
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://exc.hr/hr/western-union/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://exc.hr/hr/western-union/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 09 Apr 2020 22:17:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-RMERbQbzUmgNWRXMR9o+jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9192
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
lity.js
exc.hr/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exc.hr/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/lity.js
Requested by
Host: exc.hr
URL: https://exc.hr/wp-content/cache/autoptimize/js/autoptimize_07cc1f8e325a24ef16b243e24679af12.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
999769c8cf7feeb633fff023f41c93958ea00777054ea8ce262f13891205e532

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 22:17:17 GMT
Last-Modified
Mon, 09 Sep 2019 13:42:43 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
24021
Content-Type
application/javascript
admin-ajax.php
exc.hr/wp-admin/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://exc.hr/wp-admin/admin-ajax.php
Requested by
Host: exc.hr
URL: https://exc.hr/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
a6cfbe1a1944a399c9bc004144d19c439f5ea27779d91442a902c2569abcd921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://exc.hr/hr/western-union/
Origin
https://exc.hr
X-Requested-With
XMLHttpRequest
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 09 Apr 2020 22:17:17 GMT
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://exc.hr
Cache-Control
no-cache, must-revalidate, max-age=0, no-store
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Expires
Wed, 11 Jan 1984 05:00:00 GMT
logo.png
exc.hr/wp-content/themes/moose/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exc.hr/wp-content/themes/moose/img/logo.png
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
0f09f19024765c0e7bd5fb0a577e8829d45f4326a4e78b08fdd575d20a3eac92

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 22:17:17 GMT
Last-Modified
Wed, 13 Feb 2019 09:55:16 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
7396
Content-Type
image/png
lity.css
exc.hr/wp-content/plugins/gdpr-cookie-compliance/dist/styles/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://exc.hr/wp-content/plugins/gdpr-cookie-compliance/dist/styles/lity.css
Requested by
Host: exc.hr
URL: https://exc.hr/wp-content/cache/autoptimize/js/autoptimize_07cc1f8e325a24ef16b243e24679af12.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.163.202 Zagreb, Croatia, ASN198785 (SEDMIODJEL-AS, HR),
Reverse DNS
vps-exchange.infonet.hr
Software
Apache /
Resource Hash
f456d34374824f9868f46964b6bcecf8dc7918706880f5226e51f5d8b4e8ffd6

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 09 Apr 2020 22:17:17 GMT
Last-Modified
Mon, 09 Sep 2019 13:42:43 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
2304
Content-Type
text/css
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6228
date
Thu, 09 Apr 2020 20:33:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Thu, 09 Apr 2020 22:33:30 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: exc.hr
URL: https://exc.hr/hr/western-union/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
KZv/4PDtrlPlWMEa2rl76WB7kVjpebzYN2125BMyQUgdtL4IhBku1AxBQVAAWPRT/IDNPZU1zLtvgGoTFp3daQ==
x-fb-trip-id
1850256238
date
Thu, 09 Apr 2020 22:17:18 GMT, Thu, 09 Apr 2020 22:17:18 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=408689117&t=pageview&_s=1&dl=https%3A%2F%2Fexc.hr%2Fhr%2Fwestern-union%2F&ul=en-us&de=UTF-8&dt=Western%20Union%20%E2%80%93%20Exclusive%20Change&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=841729880&gjid=1524056545&cid=2117729082.1586470639&tid=UA-54241019-1&_gid=134319814.1586470639&_r=1&z=22610886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 22:17:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
380199652784051
connect.facebook.net/signals/config/ 		447 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/380199652784051?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b25f51a77a8b92b46fd80e61f9a8b8d4bcc384d38fdfb7263d4348a3ea58dfb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
nQJebZqHOv9WP0UTRnIavLKMVgCuzgPXpIG+ORfNV1nrqQ1sgYf1INYPdfKbk8Tyl0QsCAeeSwuvQnthU4UZdg==
x-fb-trip-id
1850256238
date
Thu, 09 Apr 2020 22:17:19 GMT, Thu, 09 Apr 2020 22:17:19 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=380199652784051&ev=PageView&dl=https%3A%2F%2Fexc.hr%2Fhr%2Fwestern-union%2F&rl=&if=false&ts=1586470639150&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1586470639149.1475470827&it=1586470639001&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 22:17:19 GMT, Thu, 09 Apr 2020 22:17:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 09 Apr 2020 22:17:19 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=380199652784051&ev=Microdata&dl=https%3A%2F%2Fexc.hr%2Fhr%2Fwestern-union%2F&rl=&if=false&ts=1586470639652&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Western%20Union%20%E2%80%93%20Exclusive%20Change%22%2C%22meta%3Adescription%22%3A%22Western%20Union%20prijenos%20novca%5CnKorisni%C4%8Dka%20podr%C5%A1ka%20za%20Western%20Union%20-%20besplatni%20info%20telefon%200800%20200%20902%5CnExclusive%20Change%20d.o.o.%20u%20svojim%20poslovnicama%20nudi%20uslugu%20brzog%20prijenosa%20novca%20putem%20Western%20Union-a.%5CnWestern%20Union%20je%20vode%C4%87a%20svjetska%20tvrtka%20za%20organizaciju%20prijenosa%20gotovog%20novca%20prisutna%20u...%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Exclusive%20Change%22%2C%22og%3Atitle%22%3A%22Western%20Union%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fexc.hr%2Fhr%2Fwestern-union%2F%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Adescription%22%3A%22Western%20Union%20prijenos%20novca%5CnKorisni%C4%8Dka%20podr%C5%A1ka%20za%20Western%20Union%20-%20besplatni%20info%20telefon%200800%20200%20902%5CnExclusive%20Change%20d.o.o.%20u%20svojim%20poslovnicama%20nudi%20uslugu%20brzog%20prijenosa%20novca%20putem%20Western%20Union-a.%5CnWestern%20Union%20je%20vode%C4%87a%20svjetska%20tvrtka%20za%20organizaciju%20prijenosa%20gotovog%20novca%20prisutna%20u...%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fexc.hr%2Fwp-content%2Fuploads%2F2018%2F09%2Fog-image.jpg%22%2C%22og%3Aimage%3Aurl%22%3A%22https%3A%2F%2Fexc.hr%2Fwp-content%2Fuploads%2F2018%2F09%2Fog-image.jpg%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fexc.hr%2Fwp-content%2Fuploads%2F2018%2F09%2Fog-image.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1586470639149.1475470827&it=1586470639001&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://exc.hr/hr/western-union/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 22:17:19 GMT, Thu, 09 Apr 2020 22:17:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 09 Apr 2020 22:17:19 GMT

Verdicts & Comments Add Verdict or Comment

384 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings object| LS_Meta undefined| $ function| jQuery undefined| page_scroll_amount_for_sticky object| wpcf7 object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| eltdLike object| moove_frontend_gdpr_scripts object| recaptcha object| closure_lm_30953 object| twemoji object| wp undefined| LS_oldGS undefined| LS_oldGSQueue undefined| LS_oldGSDefine undefined| LS_GSAP object| _gsScope object| WPMLLanguageSwitcherDropdown function| $j function| initElatedLike boolean| pp_alreadyInitialized object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady number| header_height number| min_header_height_scroll number| min_header_height_sticky number| scroll_amount_for_sticky number| min_header_height_fixed_hidden number| header_bottom_border_weight number| scroll_amount_for_fixed_hiding number| menu_item_margin number| large_menu_item_border number| element_appear_amount number| paspartu_width_init string| directionNavArrows string| directionNavArrowsTestimonials boolean| enable_navigation_on_full_screen_section number| add_for_admin_bar number| logo_height number| logo_width string| loading_text string| finished_text string| piechartcolor object| no_ajax_pages string| eltd_root string| theme_root string| header_style_admin function| headerSize function| stickySidebar function| stickySidebarWidth function| removeStickySidebarClass function| logoWidth function| logoSizeOnSmallScreens function| searchLineHeightOnMobile function| contentMinHeight function| contentMinHeightWithPaspartu function| initElatedSlider function| checkSliderForHeaderStyle function| calculateHeights function| responsiveNumberSlidesCarousel function| initElatedCarousel function| initPortfolioSlider function| initSideMenu function| setDropDownMenuPosition function| initDropDownMenu function| initVerticalMenu function| initVerticalMobileMenu function| checkVerticalMenuTransparency function| initScrollForVerticalMenuWithIcons function| showHideVerticalMenu function| initToCounter function| initCounter function| initProgressBars function| initToCounterHorizontalProgressBar function| initListAnimation function| initPieChart function| initPieChartWithIcon function| initToCounterPieChart function| initPortfolio function| initPortfolioZIndex function| initPortfolioMasonry function| resizeMasonry function| setPortfolioMasZIndex function| getPortfolioXPos function| cleanPortfolioMasXArray function| initPortfolioMasonryFilter function| loadMore function| initPricingTableOddEvenSections function| initPricingTableButton function| prettyPhoto function| checkTitleToShowOrHide function| initTitleAreaAnimation function| initParallaxTitle function| titleGraphicsHeight function| initParallax function| initSideAreaScroll function| initVerticalAreaMenuScroll function| initMobileMenu function| initFlexSlider function| fitVideo function| initPortfolioSingleInfo function| initTabs function| initAccordion function| initAccordionContentLink function| initAccordionHoverStyle function| initTestimonials function| initTestimonialImageHolderWidth function| setTestimonialsEqualHeight function| initMessages function| initElementsAnimation function| initElementsHolderItemAnimation function| initProgressBarsIcon function| initMoreFacts function| placeholderReplace function| totop_button function| backButtonShowHide function| backToTop function| initMessageHeight function| initImageHover function| initProgressBarsVertical function| initToCounterVerticalProgressBar function| checkAnchorOnLoad function| changeActiveState function| checkAnchorOnScroll function| initHashClick function| countClientsPerRow function| anchorActiveState function| initVideoBackground function| initVideoBackgroundSize function| initIconWithTextAnimation function| initCheckSafariBrowser function| initCheckFirefoxMacBrowser function| initSearchButton function| updateShoppingCart function| setContentBottomMargin function| setFooterHeight function| showGoogleMap function| initializeGoogleMap function| initializeGoogleAddress function| initCoverBoxes function| createContentMenu function| createSelectContentMenu function| contentMenuPosition function| contentMenuOnScroll function| contentMenuCheckLastSection function| contentMenuScrollTo function| initCircleHover function| initButtonHover function| initReadMoreButtonHover function| initSocialIconHover function| initIconHover function| initIconTextHover function| initInteractiveBannersShader function| initInteractiveBannersBorderStyle function| preventDefaultValue function| keydown function| wheel function| disable_scroll function| enable_scroll function| initPopupMenu function| initImageGallerySliderNoSpace function| initFullScreenTemplate function| initFullScreenTemplateOnPaspartu function| checkActiveArrowsOnFullScrrenTemplate function| checkFullScreenSectionsForHeaderStyle function| initPortfolioBlurEffect function| initVerticalSplitSlider function| checkVerticalSplitSectionsForHeaderStyle function| initVerticalSplitSectionWidth function| checkHeaderStyleOnScroll function| checkHolderWidth function| setServiceTableStyles function| initProcessHeightWidth function| initCustomFontResize function| initVerticalTabsContentHeight function| initVerticalTabsWidth function| initTabsStyle function| preloadBackgrounds function| setVideoHeightAndWidth function| createTabIcons function| checkSVG function| drawSVG function| SVGEl function| initElatedElementAnimationSkrollr function| getIconClassesForNavigation function| initPageTitleAnimation function| initMasonryGallery function| resizeMasonryGallery function| setParallaxLayersHeight function| parallaxLayers function| alterWPMLSwitcherHeaderBottom function| initSeparatorWithTextAnimation function| initSeparatorWithIconAnimation function| eltdfAnimateOverlappingContent function| animateFormFields function| portfolioProjectPrint function| initNoImageCarousel function| responsiveNumberCardsInfoCardSlider function| initInfoCardSlider function| getPaginationLinks function| noTypeFont function| image_stack function| image_stack_resize number| $scroll number| $window_width number| $window_height boolean| menu_dropdown_height_set number| sticky_amount undefined| content_menu_position number| content_menu_top number| content_menu_top_add undefined| src undefined| next_image undefined| prev_image number| $top_header_height boolean| loadedPageFlag undefined| header_style number| min_w number| video_width_original number| video_height_original number| vid_ratio undefined| skrollr_slider undefined| widgetTopOffset undefined| widgetParentOffset undefined| stickySidebarHeight number| paspartu_width undefined| sticky_animate number| headerHeightOffset string| default_header_style undefined| current_scroll undefined| $scrollHeight object| timeOuts number| scrollPos object| keys object| docElem function| fitAudio function| initBlog function| initBlogMasonryGallery function| resizeBlogMasonryGallery function| initBlogMasonryFullWidth function| initBlogSlider function| responsiveNumberSlides function| initBlogSimpleSlider function| initLoadNextPostOnBottom function| setVerticalLoopAnimation function| setClapperHeight function| splitVerLoopClapper function| initBlogPostPrint object| $window number| scrollTime number| scrollDistance function| smoothScrollListener function| vc_js string| screen_size function| getSizeName function| loadScript function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| vc_googleMapsPointer object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| SplitType object| _layerSlider object| _layerSliders object| layerSliderTransitions object| html5 object| Modernizr function| yepnope function| DP_jQuery_1586470637161 object| NiceScroll object| jQuery112404262066308699879 function| MediaElement function| MediaElementPlayer function| Waypoint object| skrollr function| Chart function| JQClass function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry number| header_top_height function| requestAnimFrame function| cancelAnimFrame boolean| mobile_ie object| addComment function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| postscribe boolean| doresize object| scroll_pos boolean| hashtag function| lity string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 202=V6HjdZWtlmEPQViPZoX3CPDIAnxcjCSIZCeFl0c92QuWjAGv4o8pmTgse2tbok53vrdVjuBedrmLPdcTiX9CNrpDdYPRHcoriQ9OopPjrm984g6qqJsHQRcR6DEmp0Um9wyJKiVWnifdGJ-Om4OP8VL3I8G7r2G47jwhxI6ACnM
exc.hr/ Name: PH_HPXY_CHECK
Value: s1

1 Console Messages

Source Level URL
Text
console-api log URL: https://exc.hr/wp-content/cache/autoptimize/js/autoptimize_07cc1f8e325a24ef16b243e24679af12.js(Line 4)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
exc.hr
fonts.googleapis.com
fonts.gstatic.com
scontent.cdninstagram.com
www.exc.hr
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.westernunion.exchange.hr
178.218.163.202
2a00:1450:4001:814::2003
2a00:1450:4001:817::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2004
2a00:1450:4001:820::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f22d:c4:face:b00c:0:43fe
0f09f19024765c0e7bd5fb0a577e8829d45f4326a4e78b08fdd575d20a3eac92
0fa82384c41ad7f6999ffe9de2da49db3b457e82d66352e8ca8880038408e3c7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
219c420ab5756e4d61e3168e64f4454d4baac6825e66b7b6218092cedb769a94
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31fd424fd03165657a74669ce515e8d1b60ca2141e76b978cb0993a05dfc0e18
357af00e9f4081d40ba58b92be04ca240a1ce6dee7f8b83461f0922a56e8c4b7
427c0a0597196ae2141840545a52f5ba9941aa09e6817b050f18627a5b06ab64
4b25f51a77a8b92b46fd80e61f9a8b8d4bcc384d38fdfb7263d4348a3ea58dfb
4f386b580cbb7d2f2541fde02e54a7673a04f1705ca439bb08e8db4f6d99ba1d
53bf96bf01f6f06d1aef8e30e1fad079952cf14ba57b4765c95534ead9024f9e
562d16e86e598cd9e86a470afa2787c30c417bf7c838a8aaddd404287d5a2ab0
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
65a6036fc4e1ded4f751baf582a7546cb9fce08a36b75d93ed18c87c6950f686
6abbb375098aa54723ca7849e8f7e0467ff709be7c3dd3cc2b53f0b1223f2535
702156e18de0a55f24a7936616081ca80018f6f06065afa21b0e9f2d7d0713bb
70e56bd7298099e764b3ad3d5d9fce89ca2f486206e880a6bf37a34683595668
75fbcbc0348541b960984e30f0a5e6f5439d87d7a699ad167f133ce92be051cf
7d1a48d4eaa4b3accebbc72b3c7f2577bf662a409a79c8cc9cc9db6e13bb7b0d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c436596190d7d1ff1b1374ede2e8229ebb2b0e2984408e77e7e40fbd9f1d7f7
999769c8cf7feeb633fff023f41c93958ea00777054ea8ce262f13891205e532
a174b87ddb5291ebb5c5872143dcfaf9d8d92de890f7b772d113a586e8f85077
a6cfbe1a1944a399c9bc004144d19c439f5ea27779d91442a902c2569abcd921
a841d944adba277ab7eddf81ee4ed2aa787f1f254c4749b72db67e191330ce5c
ac2dbb071e15a0fdf69d3b0dee994e8d5803185729b70fbe209613b4676c00fe
ad3ef27e82b593d239f54b4db58a3d7ad4f9d288afcf3b3aa5f2a30ffd984a38
b24d3226d43a1589d671c5b81d358f9caf3e53387905ff15fd0575f8739cb15a
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
c9c35c6377a52093f4c4f766b5c528106835a654c31b3bba5015d79826633441
cdcfc5d9b66e377aede0d4778f8c08b589d7c663f7f8a81b18f6e24ae909111c
d1daea22a967ec20687ea3de3b693f48ec8d9209309fa19cfd01d802816f5090
d841ca04aedf8bfabb00e6bdd3b7e9b5f4414dcf54a2234070864ec6b2a00824
dff3db5db24ce619e9f25471fbf9277141bcc555c3f1b81fda23316f9940c3e1
e84a1ae51862afd0f4c18792f2fde9aff49f964bc2e3e1dfccfaad524d796965
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
efa9d59fcd95562bb514e25234f0af5d523b6016b09527a79e75d34f13dd1395
f456d34374824f9868f46964b6bcecf8dc7918706880f5226e51f5d8b4e8ffd6
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe
fbaeb94958b7f1455515b108e78b56348549b2623cb55fe3525beb9a3cc34ec4