westernunion-campaign.com Open in urlscan Pro
3.0.73.54  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response westernunion-campaign.com/inbound/	19 KB 4 KB	684ms 217ms	Document text/html	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash 30cda5e87543c236341ac18c2e7b46f456692c526c97a8c448581f5b02b7e458 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 3663 content-type text/html; charset=UTF-8 date Sat, 19 Nov 2022 20:46:24 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding
GET H2	200	bootstrap.css westernunion-campaign.com/inbound/css/	201 KB 26 KB	427ms 422ms	Stylesheet text/css	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westernunion-campaign.com/inbound/css/bootstrap.css Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash a3e02c7c21e3ec0d4ce57826d6426666218422f31013342aad7cf6d3bd869248 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT content-encoding gzip last-modified Thu, 03 Nov 2022 13:12:13 GMT server Apache etag "322ac-5ec90b49df01f-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 26411
GET H2	200	jquery-ui.css ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/	36 KB 36 KB	148ms 40ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 18:28:58 GMT x-content-type-options nosniff age 8246 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36536 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 19 Nov 2023 18:28:58 GMT
GET H2	200	style.css westernunion-campaign.com/inbound/css/	18 KB 4 KB	219ms 215ms	Stylesheet text/css	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westernunion-campaign.com/inbound/css/style.css Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash 52558eac67fbed3abfca0439a64e6edcd132591d5317fd699db763b71eeab25c Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT content-encoding gzip last-modified Wed, 16 Nov 2022 10:52:54 GMT server Apache etag "4810-5ed9446569f31-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3703
GET H2	200	responsive.css westernunion-campaign.com/inbound/css/	10 KB 2 KB	220ms 216ms	Stylesheet text/css	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westernunion-campaign.com/inbound/css/responsive.css Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash beb9a854d926ab65fae194846bc930c6e1f546a2764dd777e47bec4db5b29dec Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT content-encoding gzip last-modified Wed, 16 Nov 2022 12:04:28 GMT server Apache etag "261c-5ed954649476d-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1385
GET H2	200	8645c4eef3.js Show response kit.fontawesome.com/	11 KB 4 KB	116ms 70ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/8645c4eef3.js Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f394b357ec9954da8a5899842093ce4af378a6da1851ab5b7166efb4e5caf8 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://westernunion-campaign.com/ Origin https://westernunion-campaign.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT strict-transport-security max-age=31536000; preload content-encoding gzip cf-cache-status MISS server cloudflare access-control-max-age 3000 access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * cache-control max-age=60, public, must-revalidate vary origin, accept-encoding, access-control-request-headers, access-control-request-method cf-ray 76cbcb8a28429b4b-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id FykXU4R_h-bp3_tH6U9C
GET H2	200	city.js Show response westernunion-campaign.com/inbound/js/	20 KB 8 KB	627ms 625ms	Script application/javascript	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westernunion-campaign.com/inbound/js/city.js Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash 9409fb71a5ad10912c5f9fb57abccb349701b0be89edb99098cb1a9f360f7e58 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT content-encoding gzip last-modified Tue, 08 Nov 2022 09:35:20 GMT server Apache etag "4ebe-5ecf2423459a0-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 8249
GET H2	200	logo.wu.big.svg westernunion-campaign.com/inbound/images/	4 KB 5 KB	215ms 211ms	Image image/svg+xml	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://westernunion-campaign.com/inbound/images/logo.wu.big.svg Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash a429e88fb3c60ba945bd70230f4b38c857342b15a7f1934f868c5f830eca7255 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT last-modified Thu, 03 Nov 2022 13:12:15 GMT server Apache accept-ranges bytes etag "1168-5ec90b4b9f3d5" content-length 4456 content-type image/svg+xml
GET H2	200	circle%20information.png westernunion-campaign.com/inbound/images/	2 KB 2 KB	210ms 206ms	Image image/png	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://westernunion-campaign.com/inbound/images/circle%20information.png Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash 95dcd3a1be2b6b57ce380be7859ac738c306c039fc3aa5e07e96eaabf698aa6d Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT last-modified Thu, 03 Nov 2022 13:12:14 GMT server Apache accept-ranges bytes etag "80f-5ec90b4b223e1" content-length 2063 content-type image/png
GET H2	200	cash%20give.png westernunion-campaign.com/inbound/images/	2 KB 2 KB	416ms 413ms	Image image/png	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://westernunion-campaign.com/inbound/images/cash%20give.png Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash 733a83f1b091ded20db56afd72fb04da8890e9e24daa0d3907c6acd4071e0102 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT last-modified Thu, 03 Nov 2022 13:12:14 GMT server Apache accept-ranges bytes etag "8a8-5ec90b4af4585" content-length 2216 content-type image/png
GET H2	200	mydetails.png westernunion-campaign.com/inbound/images/	2 KB 2 KB	419ms 417ms	Image image/png	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://westernunion-campaign.com/inbound/images/mydetails.png Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash b1fd791a1abfb52ee1040dec50dec831a090239042c8b09de5522f4bd50fa30b Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT last-modified Thu, 03 Nov 2022 13:12:15 GMT server Apache accept-ranges bytes etag "823-5ec90b4bf81ad" content-length 2083 content-type image/png
GET H2	200	online%20send.png westernunion-campaign.com/inbound/images/	2 KB 2 KB	424ms 421ms	Image image/png	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://westernunion-campaign.com/inbound/images/online%20send.png Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash 99b601c3575f7f46d5278491e0fb1ef7f36733cb1ba237966d7105610b84211f Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT last-modified Thu, 03 Nov 2022 13:12:15 GMT server Apache accept-ranges bytes etag "870-5ec90b4bf81ad" content-length 2160 content-type image/png
GET H2	200	wu.png westernunion-campaign.com/inbound/images/	2 KB 2 KB	417ms 415ms	Image image/png	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://westernunion-campaign.com/inbound/images/wu.png Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash af006b6442143ab8d5c55c3c4cc539b7d374e47c0e267bb38e917fadf4b21c34 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT last-modified Thu, 03 Nov 2022 13:12:15 GMT server Apache accept-ranges bytes etag "919-5ec90b4c240c9" content-length 2329 content-type image/png
GET H2	200	bank%20to.png westernunion-campaign.com/inbound/images/	2 KB 2 KB	422ms 420ms	Image image/png	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://westernunion-campaign.com/inbound/images/bank%20to.png Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash 8cccd7b76e6d427c6cd637a7735124842e2d9a1366b037e4a097e557dbcdf7c6 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT last-modified Thu, 03 Nov 2022 13:12:13 GMT server Apache accept-ranges bytes etag "7dc-5ec90b4a8fc2e" content-length 2012 content-type image/png
GET H2	200	app.png westernunion-campaign.com/inbound/images/	2 KB 2 KB	420ms 418ms	Image image/png	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://westernunion-campaign.com/inbound/images/app.png Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash 256a41e030600bae77bc65f5769e54145488a7d2886f6d1572fadb67f52510ca Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT last-modified Thu, 03 Nov 2022 13:12:13 GMT server Apache accept-ranges bytes etag "6fb-5ec90b4a8fc2e" content-length 1787 content-type image/png
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 30 KB	42ms 40ms	Script text/javascript	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:40:39 GMT content-encoding gzip x-content-type-options nosniff age 345 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 19 Nov 2023 20:40:39 GMT
GET H2	200	jquery-ui.min.js Show response ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/	248 KB 66 KB	41ms 41ms	Script text/javascript	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 18:28:58 GMT content-encoding gzip x-content-type-options nosniff age 8246 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 67948 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 19 Nov 2023 18:28:58 GMT
GET H2	200	jquery.easing.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/	4 KB 2 KB	76ms 29ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.js Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b70e7fc0877517ee0bc941766499e94681cd5c9eba8eb2b720685fab82e12e36 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 347719 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1040 last-modified Mon, 04 May 2020 16:11:45 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec1-fcf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJafsA2MhVuPten3rVcYhQeORPWGuMSCPjlLjwoInBUw1fB2fDsrJsKX2dSccMDcqfBydSHjHy%2FTTF4Ude%2FP1xW6%2FROaQy0vb3h6BOuGkkSfgnpu%2F3zBQITuIbu0IYk5kP%2B8Ow5xAY2GN29xA4ZFU4DB"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 76cbcb8db9a89100-FRA expires Thu, 09 Nov 2023 20:46:24 GMT
GET H2	200	bootstrap.bundle.js Show response westernunion-campaign.com/inbound/js/	205 KB 43 KB	223ms 223ms	Script application/javascript	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westernunion-campaign.com/inbound/js/bootstrap.bundle.js Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash 86db0050e22037cc64a28b69414ce6bda09b428eb1d8f34c4c3ee42d623ac984 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT content-encoding gzip last-modified Thu, 03 Nov 2022 13:12:17 GMT server Apache etag "33337-5ec90b4dbc3e3-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 43534
GET H2	200	jquery-1.12.4.js Show response code.jquery.com/	287 KB 85 KB	69ms 17ms	Script application/javascript	2001:4de0:ac18::1:a:1b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.12.4.js Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-47a36" vary Accept-Encoding x-hw 1668890784.dop205.am5.t,1668890784.cds209.am5.hn,1668890784.cds313.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 87176
GET H2	200	jquery-ui.js Show response code.jquery.com/ui/1.12.1/	509 KB 122 KB	99ms 47ms	Script application/javascript	2001:4de0:ac18::1:a:1b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.12.1/jquery-ui.js Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-7f20a" vary Accept-Encoding x-hw 1668890784.dop205.am5.t,1668890784.cds209.am5.hn,1668890784.cds222.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 124434
GET H2	200	jquery.validate.min.js Show response ajax.aspnetcdn.com/ajax/jquery.validate/1.9/	21 KB 7 KB	62ms 7ms	Script application/javascript	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CBE) / Resource Hash a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT content-encoding gzip x-content-type-options nosniff age 5693574 x-cache HIT content-length 6501 x-xss-protection 1; mode=block last-modified Mon, 31 Oct 2016 23:42:34 GMT server ECAcc (frc/4CBE) etag "011774d033d21:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	custom.js Show response westernunion-campaign.com/inbound/js/	6 KB 2 KB	211ms 207ms	Script application/javascript	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westernunion-campaign.com/inbound/js/custom.js Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash 5137d32696e1a69ce6b8f4156ec35eaccfb9c1a1ac689e6cf447bea3061a94ee Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT content-encoding gzip last-modified Fri, 18 Nov 2022 09:34:50 GMT server Apache etag "167b-5edbb6ad28364-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1574
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	148ms 121ms	Fetch text/css	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=8645c4eef3 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/8645c4eef3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT via 1.1 aba4314739e8021cd58808839bb3d4b8.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop DUB56-P1 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQneF%2F96eshliseDWzGncbcjqIuly1%2B0nVTbcYA1KnZMmjucAHYYMhOKxAmZZo%2FMliw%2B8oSYQKcTmBbgIJIz%2FKtEL%2BBen%2FE4KxMR%2B%2FbMio3JlDHs0YsBoSnNcEt73bxu1J7wkJ4AYFow16%2Biv9GGGldgSQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 76cbcb8cdae8921f-FRA access-control-allow-headers fa-kit-token x-amz-cf-id rk_cQ1gdcfpxLeedA-cuGU-SHXK4EJKAFZ6svuK1LDM1-jl1122nGA==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	26 KB 4 KB	127ms 102ms	Fetch text/css	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=8645c4eef3 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/8645c4eef3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT via 1.1 e20527248be1eebaced63108ab7e73d6.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop DUB56-P1 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"76f34b71fc9fb641507ff6a822cc07f5" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KleSEiZHX6GPJzZnouuRf5HH%2BjBuc5k2FS1wkDXoVnpkZ8J2QoQFSKGtPu64dcB7Fhy8Fa%2FExRfDhaR9f82%2BPMJC7cnQyy84QNbyMIVI6KO1b8A2McI%2B%2Bb8vtVTeIj1UJpiwJwt4Nel%2BsEq7OxjNrbRQQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 76cbcb8cdae9921f-FRA access-control-allow-headers fa-kit-token x-amz-cf-id dSYGKLLswfhF6ABiFkqGybLmtWcqHBR93hezfYMtxoL-yK221KFJYw==
GET H2	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	3 KB 2 KB	122ms 97ms	Fetch text/css	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=8645c4eef3 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/8645c4eef3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:24 GMT via 1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop DUB56-P1 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"f2e0b2680d9b0bcb6e0039c4424e5a59" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3lGNbEQpfAgvPQNg38kY%2F9xDnCBIkWlF12bwLoQC2%2BT49f4JycJQk%2F7ezMe6akjLyKQwTes92RX7iRtB7l1W0IZRc23c03CPVUIBWZueMxlzrBMkYZOtoKn76DxiFeaXokqI0oZ9Bu1BAST9oMk7DDMbw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 76cbcb8cdaea921f-FRA access-control-allow-headers fa-kit-token x-amz-cf-id eSZGqayEuuwDf_Yd0ghx8A5WZfLIgG2T0iCdQlf-yNOKTI6xdXHiAQ==
GET H2	200	bg1.jpg westernunion-campaign.com/inbound/images/	360 KB 360 KB	420ms 420ms	Image image/jpeg	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://westernunion-campaign.com/inbound/images/bg1.jpg Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/css/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash 4067c01c56235b08f5a54c447bfcfe94c21751d90ed9f34148856672e37c49d0 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/inbound/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT last-modified Thu, 03 Nov 2022 13:12:14 GMT server Apache accept-ranges bytes etag "59e6a-5ec90b4ace428" content-length 368234 content-type image/jpeg
GET DATA	200 OK	truncated /	231 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0c423574c169bcda1bac06d877eb1d94e018b4f2f54c637eb632cd00ebc5d6f5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	231 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 90473a1a619e183dde264afd0632ecbaa69a98ce8a4ed8be947417e47a666670 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	EuclidWU-Regular.woff2 westernunion-campaign.com/inbound/css/fonts/	65 KB 65 KB	418ms 417ms	Font font/woff2	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westernunion-campaign.com/inbound/css/fonts/EuclidWU-Regular.woff2 Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/css/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash bafea0bee76e41d9fc7f8d5d13dcb05fb2b30442edfefcbe780172a6ee98227a Request headers Referer https://westernunion-campaign.com/inbound/css/style.css Origin https://westernunion-campaign.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT last-modified Thu, 03 Nov 2022 13:12:21 GMT server Apache accept-ranges bytes etag "104c8-5ec90b51e2b81" content-length 66760 content-type font/woff2
GET H2	200	EuclidWU-Medium.woff2 westernunion-campaign.com/inbound/css/fonts/	66 KB 66 KB	622ms 622ms	Font font/woff2	3.0.73.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westernunion-campaign.com/inbound/css/fonts/EuclidWU-Medium.woff2 Requested by Host: westernunion-campaign.com URL: https://westernunion-campaign.com/inbound/css/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.0.73.54 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-0-73-54.ap-southeast-1.compute.amazonaws.com Software Apache / Resource Hash dd8b38f19d76002f8ab2f9fdb3a9fe839112e04d871a3c94953c2786877e8c23 Request headers Referer https://westernunion-campaign.com/inbound/css/style.css Origin https://westernunion-campaign.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT last-modified Thu, 03 Nov 2022 13:12:21 GMT server Apache accept-ranges bytes etag "1076c-5ec90b516a9ac" content-length 67436 content-type font/woff2
GET H3	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	67ms 57ms	Fetch text/css	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=8645c4eef3 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/8645c4eef3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT via 1.1 aba4314739e8021cd58808839bb3d4b8.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop DUB56-P1 age 1 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwVbVb%2BJ9XdurSgFwYaxCntk5tqv7z2waPPw6JYInYFkQ6nfSKbMAtXT751W4cpDz9d%2BWJ7Ic6yDZqxtZ0IEE6gaMhiElM5g3dYqA9FOyiuqqYYTfoJn985FjWbdO9S5uq2ncfLpZ%2BzJDudLa%2FyvH4sBoA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 76cbcb90ed72bb65-FRA access-control-allow-headers fa-kit-token x-amz-cf-id rk_cQ1gdcfpxLeedA-cuGU-SHXK4EJKAFZ6svuK1LDM1-jl1122nGA==
GET H3	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	26 KB 5 KB	82ms 72ms	Fetch text/css	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=8645c4eef3 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/8645c4eef3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT via 1.1 e20527248be1eebaced63108ab7e73d6.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop DUB56-P1 age 1 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"76f34b71fc9fb641507ff6a822cc07f5" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2F41P2sEgvR3lPD5CmhyeOqjqZ165Dg3X98f9jc%2FJe7By%2BEKKJZW9t2ZfVvOIgBahPLF%2BeOW5CP450l%2BxwGrmo7df3LbwSgh65j7kNN692Fb%2BDcLCu9jw25JfmlL%2F7XfaVbg0i5xHqlg4v0AafSuR4xaFg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 76cbcb90fd7bbb65-FRA access-control-allow-headers fa-kit-token x-amz-cf-id dSYGKLLswfhF6ABiFkqGybLmtWcqHBR93hezfYMtxoL-yK221KFJYw==
GET H3	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	3 KB 1 KB	53ms 44ms	Fetch text/css	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=8645c4eef3 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/8645c4eef3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6 Request headers accept-language de-DE,de;q=0.9 Referer https://westernunion-campaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 19 Nov 2022 20:46:25 GMT via 1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop DUB56-P1 age 1 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"f2e0b2680d9b0bcb6e0039c4424e5a59" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrhsmx9KXA392mDEtFAITxze%2Bdlv0w20RLXoPtjEZ3E7ZSdpiDd2VWXvh5YoCjAnRuUmMvltCjHZ1c93gIPSLCbV0mzcuIbCfPrgEst5BgVmQfCGb3luu4C82itkW%2BgVDeD3psb7sisoBnq%2B%2BCIBLh%2B%2FLw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 76cbcb90fd76bb65-FRA access-control-allow-headers fa-kit-token x-amz-cf-id eSZGqayEuuwDf_Yd0ghx8A5WZfLIgG2T0iCdQlf-yNOKTI6xdXHiAQ==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Western Union (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FontAwesomeKitConfig object| cities function| City function| $ function| jQuery number| uidEvent object| bootstrap

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			westernunion-campaign.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: jkpg70cmbjil4m3ljkn0jimsao

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
ka-f.fontawesome.com
kit.fontawesome.com
westernunion-campaign.com
152.199.19.160
2001:4de0:ac18::1:a:1b
2606:4700::6811:190e
2606:4700::6812:1634
2606:4700:e6::ac40:ca1c
2a00:1450:4001:803::200a
3.0.73.54
0c423574c169bcda1bac06d877eb1d94e018b4f2f54c637eb632cd00ebc5d6f5
256a41e030600bae77bc65f5769e54145488a7d2886f6d1572fadb67f52510ca
30cda5e87543c236341ac18c2e7b46f456692c526c97a8c448581f5b02b7e458
4067c01c56235b08f5a54c447bfcfe94c21751d90ed9f34148856672e37c49d0
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
5137d32696e1a69ce6b8f4156ec35eaccfb9c1a1ac689e6cf447bea3061a94ee
52558eac67fbed3abfca0439a64e6edcd132591d5317fd699db763b71eeab25c
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
733a83f1b091ded20db56afd72fb04da8890e9e24daa0d3907c6acd4071e0102
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
86db0050e22037cc64a28b69414ce6bda09b428eb1d8f34c4c3ee42d623ac984
8cccd7b76e6d427c6cd637a7735124842e2d9a1366b037e4a097e557dbcdf7c6
90473a1a619e183dde264afd0632ecbaa69a98ce8a4ed8be947417e47a666670
9409fb71a5ad10912c5f9fb57abccb349701b0be89edb99098cb1a9f360f7e58
95dcd3a1be2b6b57ce380be7859ac738c306c039fc3aa5e07e96eaabf698aa6d
99b601c3575f7f46d5278491e0fb1ef7f36733cb1ba237966d7105610b84211f
a3e02c7c21e3ec0d4ce57826d6426666218422f31013342aad7cf6d3bd869248
a429e88fb3c60ba945bd70230f4b38c857342b15a7f1934f868c5f830eca7255
a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b
af006b6442143ab8d5c55c3c4cc539b7d374e47c0e267bb38e917fadf4b21c34
b1fd791a1abfb52ee1040dec50dec831a090239042c8b09de5522f4bd50fa30b
b70e7fc0877517ee0bc941766499e94681cd5c9eba8eb2b720685fab82e12e36
bafea0bee76e41d9fc7f8d5d13dcb05fb2b30442edfefcbe780172a6ee98227a
beb9a854d926ab65fae194846bc930c6e1f546a2764dd777e47bec4db5b29dec
dd8b38f19d76002f8ab2f9fdb3a9fe839112e04d871a3c94953c2786877e8c23
f7f394b357ec9954da8a5899842093ce4af378a6da1851ab5b7166efb4e5caf8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda