plportal.moneygram.com

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 63.91.129.246, located in United States and belongs to MONEYGRAM-INTERNATIONAL-INC, US. The main domain is plportal.moneygram.com. The Cisco Umbrella rank of the primary domain is 350863.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 4th 2023. Valid for: a year.

This is the only time plportal.moneygram.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	165.212.65.140 165.212.65.140	14454 (SILVERSKY...) (SILVERSKY-INC)
1 7	63.91.129.246 63.91.129.246	29898 (MONEYGRAM...) (MONEYGRAM-INTERNATIONAL-INC)
6	1

1 165.212.65.140 (Trumbull, United States) 1 redirects

ASN14454 (SILVERSKY-INC, US)

clicktime.cloud.postoffice.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 63.91.129.246 (United States) 1 redirects

ASN29898 (MONEYGRAM-INTERNATIONAL-INC, US)
PTR: user246.temgdwdp.com

plportal.moneygram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	moneygram.com 1 redirects plportal.moneygram.com — Cisco Umbrella Rank: 350863	184 KB
1	postoffice.net 1 redirects clicktime.cloud.postoffice.net — Cisco Umbrella Rank: 366576	369 B
6	2

	Domain	Requested by
7	plportal.moneygram.com	1 redirects plportal.moneygram.com
1	clicktime.cloud.postoffice.net	1 redirects
6	2

This site contains links to these domains. Also see Links.

Domain
entry.moneygram.com

Subject Issuer	Validity	Valid
plportal.moneygram.com Entrust Certification Authority - L1K	`2023-10-04` - `2024-10-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp
Frame ID: 98CFC7CA66CA669F5628E5C8F6ACBB57
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://clicktime.cloud.postoffice.net/clicktime.php?U=http%3A%2F%2Fplportal.moneygram.com%2Ffaces%2FLogin_LogoutCl... HTTP 307
http://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp HTTP 307
https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

184 kB
Transfer

182 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://entry.moneygram.com/tex/login.asp
Title: here

Search URL Search Domain Scan URL

URL: https://entry.moneygram.com/GW/login.asp
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clicktime.cloud.postoffice.net/clicktime.php?U=http%3A%2F%2Fplportal.moneygram.com%2Ffaces%2FLogin_LogoutCloseWindow.jsp&E=adiaz%40fpcu.org&X=XID784CcbqEN1167Xd1&T=FINP&HV=U,E,X,T&H=a5ba13da679d8e3d951fffd430de1da24fff0ec3 HTTP 307
http://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp HTTP 307
https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://plportal.moneygram.com/favicon.ico HTTP 302
https://plportal.moneygram.com/Login/

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Login_LogoutCloseWindow.jsp Show response
plportal.moneygram.com/faces/
Redirect Chain

https://clicktime.cloud.postoffice.net/clicktime.php?U=http%3A%2F%2Fplportal.moneygram.com%2Ffaces%2FLogin_LogoutCloseWindow.jsp&E=adiaz%40fpcu.org&X=XID784CcbqEN1167Xd1&T=FINP&HV=U,E,X,T&H=a5ba13d...
http://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp
https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp

14 KB
14 KB

1066ms
153ms

Document
text/html

63.91.129.246
MONEYGRAM-INTERNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.91.129.246 , United States, ASN29898 (MONEYGRAM-INTERNATIONAL-INC, US),

Reverse DNS

user246.temgdwdp.com

Software

Apache /

Resource Hash

afab2401240ba00ccd4ae7a1d9286c2aa9118192f9e9e57fa1ff9072c39951fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Language: en-US
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 28 Mar 2024 22:53:40 GMT
Keep-Alive: timeout=15, max=100
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

Redirect headers

Location: https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK main-firefox.css
plportal.moneygram.com/theme/ 29 KB
30 KB 291ms
149ms Stylesheet
text/css 63.91.129.246
MONEYGRAM-INTERNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://plportal.moneygram.com/theme/main-firefox.css

Requested by

Host: plportal.moneygram.com
URL: https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.91.129.246 , United States, ASN29898 (MONEYGRAM-INTERNATIONAL-INC, US),

Reverse DNS

user246.temgdwdp.com

Software

Apache /

Resource Hash

3984d7868997241c1332452fa9561a3d5fd8118b357b53c3f3c133df0fbefb66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 22:53:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Tue, 28 Jun 2022 13:39:50 GMT
Server: Apache
ETag: W/"30136-1656423590000"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 30136

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
plportal.moneygram.com/js/ 95 KB
95 KB 449ms
153ms Script
application/javascript 63.91.129.246
MONEYGRAM-INTERNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://plportal.moneygram.com/js/jquery-1.12.4.min.js

Requested by

Host: plportal.moneygram.com
URL: https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.91.129.246 , United States, ASN29898 (MONEYGRAM-INTERNATIONAL-INC, US),

Reverse DNS

user246.temgdwdp.com

Software

Apache /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 22:53:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Tue, 28 Jun 2022 13:39:46 GMT
Server: Apache
ETag: W/"97163-1656423586000"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 97163

GET
H/1.1 200
OK jquery.blockUI.js Show response
plportal.moneygram.com/js/ 19 KB
20 KB 447ms
152ms Script
application/javascript 63.91.129.246
MONEYGRAM-INTERNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://plportal.moneygram.com/js/jquery.blockUI.js

Requested by

Host: plportal.moneygram.com
URL: https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.91.129.246 , United States, ASN29898 (MONEYGRAM-INTERNATIONAL-INC, US),

Reverse DNS

user246.temgdwdp.com

Software

Apache /

Resource Hash

ab866744f40607d863d7abd43c5986c0ea7825b5ba599e95b5d02556b6a68b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 22:53:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Tue, 28 Jun 2022 13:39:52 GMT
Server: Apache
ETag: W/"19910-1656423592000"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 19910

GET
H/1.1 200
OK mgiLogo.jpg
plportal.moneygram.com/images/ 10 KB
11 KB 150ms
150ms Image
image/jpeg 63.91.129.246
MONEYGRAM-INTERNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://plportal.moneygram.com/images/mgiLogo.jpg

Requested by

Host: plportal.moneygram.com
URL: https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.91.129.246 , United States, ASN29898 (MONEYGRAM-INTERNATIONAL-INC, US),

Reverse DNS

user246.temgdwdp.com

Software

Apache /

Resource Hash

daee72272d0c0b08f78c7b4dba003b64b817353081fa86d87301cfcecb36dc13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 22:53:41 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Tue, 28 Jun 2022 13:39:54 GMT
Server: Apache
ETag: W/"10724-1656423594000"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 10724

GET
H/1.1

200
OK

/
plportal.moneygram.com/Login/
Redirect Chain

https://plportal.moneygram.com/favicon.ico
https://plportal.moneygram.com/Login/

14 KB
14 KB

153ms
153ms

Other
text/html

63.91.129.246
MONEYGRAM-INTERNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://plportal.moneygram.com/Login/

Protocol

HTTP/1.1

Server

63.91.129.246 , United States, ASN29898 (MONEYGRAM-INTERNATIONAL-INC, US),

Reverse DNS

user246.temgdwdp.com

Software

Apache /

Resource Hash

7c9eedd8b9dc82845cc68d21c250c7606304df5c3b649e0fe39d8b59ec7bdfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plportal.moneygram.com/faces/Login_LogoutCloseWindow.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Thu, 28 Mar 2024 22:53:41 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: Apache
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Connection: Keep-Alive
Keep-Alive: timeout=15, max=98

Redirect headers

Date: Thu, 28 Mar 2024 22:53:41 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Location: /Login/
Content-Type: text/html;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal function| $ function| jQuery

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			plportal.moneygram.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: BB71069DEC877B5AE3B7C1A82FBAB4B9.node1
			plportal.moneygram.com/	1969-12-31 23:59:59	Name: session Value: .node1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clicktime.cloud.postoffice.net
plportal.moneygram.com
165.212.65.140
63.91.129.246
3984d7868997241c1332452fa9561a3d5fd8118b357b53c3f3c133df0fbefb66
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
7c9eedd8b9dc82845cc68d21c250c7606304df5c3b649e0fe39d8b59ec7bdfb5
ab866744f40607d863d7abd43c5986c0ea7825b5ba599e95b5d02556b6a68b63
afab2401240ba00ccd4ae7a1d9286c2aa9118192f9e9e57fa1ff9072c39951fb
daee72272d0c0b08f78c7b4dba003b64b817353081fa86d87301cfcecb36dc13

plportal.moneygram.com Open in urlscan Pro 63.91.129.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

184 kBTransfer

182 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

plportal.moneygram.com Open in urlscan Pro
63.91.129.246 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

184 kB
Transfer

182 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions