Report - confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/login.php?usaa/auth/dashboard

Report Overview

Submitted URL
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/login.php?usaa/auth/dashboard
IP
104.18.25.120
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-06 02:17:03
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.65
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	65 kB	34.120.237.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.8 kB	142.250.74.3
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	1.2 kB	142.250.74.164
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.162.217.251
confirmation-state-usaa-information-team-online-info.preview-domain.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	395 kB	104.18.25.120
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	54.230.111.14
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	539 B	160 kB	142.250.74.163
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460 B	16 kB	216.58.207.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed
2022-10-06	medium	preview-domain.com	Sinkholed

JavaScript (14)

	URL	Size	First Seen	Last Seen
	www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js	399 kB	2023-03-08	2023-03-11
Pretty URL www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:40:09 Last Seen2023-03-11 13:30:42 Times Seen1 Hash f35658481ed15bc5f9e381e5babb040b 6ac7505ec9c522b239aeefed9ff6c1ff4d7c98e5 bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfPqZAhAAAAAGpcZH3FAABzRqetzI-NWd0Fo2vI&co=aHR0cDovL2NvbmZpcm1hdGlvbi1zdGF0ZS11c2FhLWluZm9ybWF0aW9uLXRlYW0tb25saW5lLWluZm8ucHJldmlldy1kb21haW4uY29tOjgw&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=oq46201g0qyf	69 B	2023-03-07	2024-04-27
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfPqZAhAAAAAGpcZH3FAABzRqetzI-NWd0Fo2vI&co=aHR0cDovL2NvbmZpcm1hdGlvbi1zdGF0ZS11c2FhLWluZm9ybWF0aW9uLXRlYW0tb25saW5lLWluZm8ucHJldmlldy1kb21haW4uY29tOjgw&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=oq46201g0qyf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-27 06:20:28 Times Seen99644 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfPqZAhAAAAAGpcZH3FAABzRqetzI-NWd0Fo2vI&co=aHR0cDovL2NvbmZpcm1hdGlvbi1zdGF0ZS11c2FhLWluZm9ybWF0aW9uLXRlYW0tb25saW5lLWluZm8ucHJldmlldy1kb21haW4uY29tOjgw&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=oq46201g0qyf	36 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfPqZAhAAAAAGpcZH3FAABzRqetzI-NWd0Fo2vI&co=aHR0cDovL2NvbmZpcm1hdGlvbi1zdGF0ZS11c2FhLWluZm9ybWF0aW9uLXRlYW0tb25saW5lLWluZm8ucHJldmlldy1kb21haW4uY29tOjgw&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=oq46201g0qyf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:49:46 Last Seen2023-03-08 06:49:46 Times Seen1 Hash 5b07a154a1f14fddca42e1bcc3c33d25 b62a2159ccc0aa1de59d63f23ecfb6cf33cb3787 16d6f908aa6f960ddead8e9983dae789402776e0db5cc85197d32e811fc223bd Loading...

	confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php	824 B	2023-03-07	2023-03-17
Pretty URL confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php IP 104.18.25.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:03 Last Seen2023-03-17 10:41:27 Times Seen1 Hash 194df296c70cd399dc890b42dbfa896f 27712435056f199a17eedfc137b057c658e5cfcc 8e865ccccb52a766139f5cf44ea76f023601cc5ed3d593f29cf8e4c1d206c991 Loading...

	confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php	1.4 kB	2023-03-07	2023-03-17
Pretty URL confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php IP 104.18.25.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:03 Last Seen2023-03-17 10:41:27 Times Seen1 Hash f76b8001fb37920d28005804e0c31ccb 2c80a8937a390b8b933cd54745bfec7d8835986f 6532b522121d998467b12fb8a5cd2fa7513577ecd115b36ca8703d7131e9af01 Loading...

	confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/body/8YtVgnu1iVJ0fyJzUoJsd_gBizk.js	58 kB	2023-03-07	2023-06-28
Pretty URL confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/body/8YtVgnu1iVJ0fyJzUoJsd_gBizk.js IP 104.18.25.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:27:03 Last Seen2023-06-28 06:05:47 Times Seen24 Hash 25753e400b1522e9c10ae6599c6a7028 d09eccb4ec25db414a483ace998424cf2ba16d58 b1999c7937a773fd4de85c3b9a4b1f7b8581a24ae405d0cc0e080f4fbefe50b9 Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LfPqZAhAAAAAGpcZH3FAABzRqetzI-NWd0Fo2vI	178 B	2023-03-07	2023-03-26
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LfPqZAhAAAAAGpcZH3FAABzRqetzI-NWd0Fo2vI IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:55 Last Seen2023-03-26 11:21:19 Times Seen6 Hash 5c12dc8c0b8d31f1a91b2fbafb7699f7 659a505d4e65ee56f742a4507014dda46b9258e2 779b7822624b86cc97b8385cf1b6e9ec2794ff6d0d9506e01fea86e35739f63a Loading...

	confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/head/fHG6PlGkJkuh_9HPzJECz_j4pH8.js	5.6 kB	2023-03-07	2023-06-28
Pretty URL confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/head/fHG6PlGkJkuh_9HPzJECz_j4pH8.js IP 104.18.25.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:09:50 Last Seen2023-06-28 06:05:47 Times Seen24 Hash ce69e878582c1f6640f586f74b137442 7fffa2ec70d5ac5dc6ebe147a020b6685dc43d67 70f5de2c2e368c4a9245d2eca89740da6c78cf447c16c27259cba45565b51bc2 Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-08	2023-03-11
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:40:09 Last Seen2023-03-11 13:30:42 Times Seen1 Hash 671d51c8f7b6f6920c23e7092f2e07f4 f9c0ccad26b1524c2f0438657c0ce4b82960cdd3 91b729f00e7b893e0b8158d9d786315ed01b763e6b1053d72e2d6abbb906f70e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 099d1f77d71fa86e9d2cd6653e97512f	22 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 05:58:51 Last Seen2023-03-08 08:07:46 Times Seen1 Hash 099d1f77d71fa86e9d2cd6653e97512f 15e748ee5f5fd811858f2606f327f7f9b9cf136d 46803f53adbea35f28f34cfbbccddebf6ae29454b5d15cde348e4c577386337d Loading...

	#2 Eval - 6ea539112fab340050f89a5be90c37a3	22 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 05:58:51 Last Seen2023-03-08 08:07:46 Times Seen1 Hash 6ea539112fab340050f89a5be90c37a3 47ddc3e649203f8db623e258c84c08c9bb5e5bc7 973d9bb2938645d67a00f9ca20209eea3bbe8b556d0b25d5caf313f1644ad067 Loading...

	#3 Eval - 2e6914d77abb6e7840a5119421995ee0	16 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 05:58:51 Last Seen2023-03-08 08:07:46 Times Seen1 Hash 2e6914d77abb6e7840a5119421995ee0 6d354a298ac5298d63b472fbeb169c0f19cffc28 785368f80392fac2588fe98c4a61181ce777d15a35bd5572d7740f4124fe8f65 Loading...

	#4 Eval - d58110c5c45b1d1e7f0b788e6d92e853	17 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 06:49:46 Last Seen2023-03-08 06:49:46 Times Seen1 Hash d58110c5c45b1d1e7f0b788e6d92e853 227cf8da453e15ea94203ae8424e6259649a4a09 ea733a2bf23823a5d6abf1dffa91a0d78a8130a1a3a3ea824635f598e247eab9 Loading...

	#5 Eval - 13123b36af5f12b94632552d5f944523	62 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 05:58:51 Last Seen2023-03-08 08:07:46 Times Seen1 Hash 13123b36af5f12b94632552d5f944523 2f37776f2dd55e31e83211c27f23ff66621508c0 ac0459c568af29bd816e7904e26a2f614a0d16ee451bbad2e29ef2f5a4eb566c Loading...

HTTP Transactions (51)

URL IP Response Size

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/login.php?usaa/auth/dashboard

104.18.25.120

302 Found

27 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/login.php?usaa/auth/dashboard
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2854), with CRLF line terminators
Size
27 kB (26944 bytes)
Hash
2c56de0eaf7e69950292955b9b15f2f9
3da12bd186e606e1c7b5009325f3e9d63084bb2b
c6447e38d21fe70d66836b9f569a3d66220e5e0ef8313dcecd5c1b77291fc718

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/login.php?usaa/auth/dashboard HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Thu, 06 Oct 2022 02:16:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
location: captcha.php
cache-control: no-cache, no-store, must-revalidate, max-age=0
expires: Thu, 13 Oct 2022 02:16:52 GMT
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c14bd5b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

firefox.settings.services.mozilla.com/v1/

54.230.111.65

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l2wfBnF4GkMYWUwT5wpEWMw6XnoPDT0gr0uo1W2dD_K9wfftnATLWA==
Age: 37774

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6456
Expires: Thu, 06 Oct 2022 04:04:28 GMT
Date: Thu, 06 Oct 2022 02:16:52 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

54.230.111.14

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
54.230.111.14:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DQr1JGUe7nBTxYAYQr0TKFtUHsYNA7AvkiOdVFpfIjkrFxt6iAj0kA==
age: 80060
X-Firefox-Spdy: h2

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php

104.18.25.120

200 OK

6.2 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2869), with CRLF line terminators
Size
6.2 kB (6233 bytes)
Hash
0092087460d92cb51b9fc7a62865db71
036d6731c95dd26969c4899012e8dc48b6c70e47
81f597dc49f5eab7c1a9cafddadf0747bd72fd7eebd715c3c0139725422f39f6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/captcha.php HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c32c8cb503-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:16:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:16:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js

142.250.74.164

200 OK

555 B

URL HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
555 B (555 bytes)
Hash
e75e7b4c9bf71c4a14d5e1d1946b161a
36148f31ea702a23a3f0dafd907a9069234021e7
e43b40968f165ec7b121020103aa40529d891aa2d03ead26ed47adefc4d6ab6d

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Thu, 06 Oct 2022 02:16:53 GMT
date: Thu, 06 Oct 2022 02:16:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:16:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css

104.18.25.120

200 OK

22 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65501)
Size
22 kB (22406 bytes)
Hash
0040f6a4a670b3173201505c3a292527
84e83dc000cddc562a680c62b8fe5a7562dc8771
9ccedb5aae19ca4ad4e6b82830431936ba6e8515144296ff96f2b10f7b78c928

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Sat, 05 Nov 2022 02:16:53 GMT
last-modified: Mon, 03 Oct 2022 23:47:29 GMT
etag: W/"199d9-633b7491-ed6344284f51d4c3;;;"
platform: hostinger
x-turbo-charged-by: LiteSpeed
Content-Encoding: gzip
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c47c1d0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/head/fHG6PlGkJkuh_9HPzJECz_j4pH8.js

104.18.25.120

200 OK

2.0 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/head/fHG6PlGkJkuh_9HPzJECz_j4pH8.js
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1452)
Size
2.0 kB (2010 bytes)
Hash
6f5315e6fda6cac5272dddda7eec7d3c
7c71ba3e51a4264ba1ffd1cfcc9102cff8f8a47f
850d9a89b54ce0bd8df704e064ea9f27e84738d2fe233d17a483607a63754b11

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cdn-cgi/apps/head/fHG6PlGkJkuh_9HPzJECz_j4pH8.js HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2010
Connection: keep-alive
x-amz-id-2: LXmP5KbRRd74lL7TVOHvFFFpJyDntIO8Re+zVQ76WLCdTbJuTf6aqREsiGEf8pnEhR+vi+VSGEk=
x-amz-request-id: NB4C7DNR6G676MT7
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 09:56:30 GMT
x-amz-version-id: gFwP9zvZFBbIOCuWDl43k62jDa40ddyw
ETag: "6f5315e6fda6cac5272dddda7eec7d3c"
CF-Cache-Status: MISS
Expires: Fri, 06 Oct 2023 02:16:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c47d0fb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.65

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 01:29:33 GMT
Expires: Thu, 06 Oct 2022 01:42:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1zi8VY1sfQjezO2i7FX238ZUWP3xvsXOufe-pvcG0D1WR9uZ_TbYNg==
Age: 2840

confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/body/8YtVgnu1iVJ0fyJzUoJsd_gBizk.js

104.18.25.120

200 OK

12 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/body/8YtVgnu1iVJ0fyJzUoJsd_gBizk.js
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4239)
Size
12 kB (11654 bytes)
Hash
cf58f616c04a6cdb2ef6796a865ea479
f18b55827bb58952747f227352826c77f8018b39
986db8792f7551383040a69b42d74349ffca3172a86feac7c108041f818d65ef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cdn-cgi/apps/body/8YtVgnu1iVJ0fyJzUoJsd_gBizk.js HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 11654
Connection: keep-alive
x-amz-id-2: hwKXn75uoNLcEnhXdflm8f23LEzrJtXiPRGEFuPCpJOqkcLd9HgfF3c/MOzvloTrTv1BtMoIsS4=
x-amz-request-id: WG1MXYCQ4DGQY9HZ
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 09:56:30 GMT
x-amz-version-id: Jh2_77l9okiEW9Z4naYXi3ToSznL5t5t
ETag: "cf58f616c04a6cdb2ef6796a865ea479"
CF-Cache-Status: HIT
Age: 69449
Expires: Fri, 06 Oct 2023 02:16:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7bd050b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2275
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:16:53 GMT
Last-Modified: Thu, 06 Oct 2022 01:38:59 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2

104.18.25.120

301 Moved Permanently

0 B

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2 HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7dd080b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2

104.18.25.120

301 Moved Permanently

0 B

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2 HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7ce70b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2

104.18.25.120

301 Moved Permanently

0 B

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2 HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7dba1b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2

104.18.25.120

301 Moved Permanently

0 B

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2 HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7dc40b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2

104.18.25.120

301 Moved Permanently

0 B

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2 HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7dd090b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

push.services.mozilla.com/

35.162.217.251

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.217.251:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NQAk0/if8MjxwLHOfTc8rg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G8YWaA51Z+cY2MaUA6j0LTkKALI=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:16:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

142.250.74.163

200 OK

159 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (711)
Size
159 kB (158844 bytes)
Hash
b4ed95d4318e3b78b936c9c0f1ffa96e
b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f

HTTP Headers

GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://confirmation-state-usaa-information-team-online-info.preview-domain.com
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:02:07 GMT
expires: Thu, 05 Oct 2023 21:02:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 18887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:16:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2/

104.18.25.120

200 OK

27 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2/
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Size
27 kB (27240 bytes)
Hash
e876175e4649aa1cbc43ef747a2cc3bc
2e12b07e754191a723efbd471595ee4b5d7bcd50
ae248002c22fd310bed6f38cabf571d915c029c2c054f9a91e41ac667b7eec35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.3ed9541600336a2bc33e9332636b4ad7,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c91ed3b503-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico

104.18.25.120

301 Moved Permanently

0 B

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5cc3c5cb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2/

104.18.25.120

200 OK

27 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2/
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Size
27 kB (26902 bytes)
Hash
b47255a452b487042f201d3327e68541
120c5f33a564c4dc29bee0183846a861d9a1b065
e35b93096169c884d7bf11ed3c868ac670884b01eb6b15e0e4eafe417316c8b7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.85976ef6405dcdc4f5f93e562b5c3c15,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c91d470b51-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2/

104.18.25.120

200 OK

27 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2/
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Size
27 kB (27174 bytes)
Hash
36bbf6fcf71f4818181bf448e07e6227
3468eb3bcdedab9d10eae45f66237438e9824c97
59b6f2d44e001ee6c55d6ff45f6ec6c431c38ab060cb7ed4aba765677bc0295a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.7764e6acc8c9fc2a1f75ff52c39c947f,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c91bfbb505-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff

104.18.25.120

301 Moved Permanently

0 B

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5cd68dfb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2/

104.18.25.120

200 OK

27 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2/
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Size
27 kB (27096 bytes)
Hash
99190558af2c7dcb047fbf655ddcb5d1
fb17e1b2ab5a1e205e81a0f0aa2659274b8eaa2a
e380577c6fb1f06753d4db36b7e1cebc0b56fef2912dcc0f57cff5f9206e1831

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.d91cf6b9501814d32cb344bc62b845e1,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c91c87b4f4-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2/

104.18.25.120

200 OK

27 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2/
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Size
27 kB (26852 bytes)
Hash
ce6f857136779730a1a9af704f2ae12a
b6c6f2973f51205d29b063ff94b91453cd74a07c
663e62d9b53c117ab9321c2f656b0b6cb9e3b71faec15ec3e8e9bd00b52caa4e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.26ed341e12cf9cf43680b4ca35f21fc3,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c90d450b51-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff

104.18.25.120

301 Moved Permanently

0 B

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5ce1ec90b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff

104.18.25.120

301 Moved Permanently

0 B

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5ce3e07b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff

104.18.25.120

301 Moved Permanently

0 B

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5ceae67b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 395096
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff

104.18.25.120

301 Moved Permanently

0 B

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5ceaef40b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff/

104.18.25.120

200 OK

28 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff/
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Size
28 kB (27574 bytes)
Hash
63cf24e35d97b930ed5b2128a620da00
33689675c55c736362b859eac08a82b4296155b6
58644be51b3a8cd5bd544a5a9951f6f4efb589df6c9f9507d878e1146845294d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.51f1817cab16a5cd8530bc99901ab1c5,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5ce7d08b50f-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5845
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 02:16:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5845
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 02:16:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5845
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 02:16:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5845
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 02:16:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf3cf74b-e020-403d-b52e-28fa9422685f.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf3cf74b-e020-403d-b52e-28fa9422685f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7380 bytes)
Hash
3222f99612aade6e826abd0777d174ab
87a07ee9edaede64877f4fb54343aacd5aa01fcf
18f2f9a9fa80180dda5cab4593580eff2345829c3a90304437987ce603b8f4c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf3cf74b-e020-403d-b52e-28fa9422685f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 7debdc13-fb3c-491b-bda0-c1626ab713f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPZNESDoAMFzNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df907-4502eff80aef2cd33080075e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 8BU057ZZmvAbEwso8F8QPIGXQeRjGB8nO3QJYQekMorUj-8AFO5Z6Q==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:47:36 GMT
etag: "87a07ee9edaede64877f4fb54343aacd5aa01fcf"
content-type: image/jpeg
age: 16159
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10390 bytes)
Hash
00e43396123462b87cf3d3592dd71f02
8c895a5716462c161f98637053cac4469eaaea33
2fc70d34c11b2fc338714930bdf6efa14a1c3d4d7560a43061aea41c83ec4d2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10390
x-amzn-requestid: 3a01001b-3f8a-4118-9cce-af68e92b78bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjP2EEV4oAMFcqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df9c0-254f65637b3d98f8268fe321;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:40:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 7PsyVPG6o3G08CoNRuiY3iS-JL658WfKzUZQQTy4coWbKlYIQn5-Eg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:45:34 GMT
age: 16281
etag: "8c895a5716462c161f98637053cac4469eaaea33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11478 bytes)
Hash
a2e00e7f6054a915275111712ae68feb
016d84f56f97f1ab12c4046177e3e809aa861729
d042df692c87770504eaa80dae07601163a3b330061b5b9ec7b66a2bec759150

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11478
x-amzn-requestid: d058c900-2b03-4373-aa5b-0d91128de0e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQiMGXDIAMFbVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfada-743a7dda1804ecb76ae96592;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:58 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Geyupd7DZO0XRtj6uKJM-il3wOu82I2N26-vLgJCxYlid1Csm-fYxQ==
via: 1.1 58f9a50682bb94842197f3e957919c60.cloudfront.net (CloudFront), 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:01:17 GMT
age: 15338
etag: "016d84f56f97f1ab12c4046177e3e809aa861729"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6933 bytes)
Hash
746e3c38e01d58e6fa0728798221a830
b19dd1d42995ea4242505b152e77835442341581
c524a2e7e29690030b7402077f711e643674c8f42de071214f3909b447fb1e3b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6933
x-amzn-requestid: aa50b0cd-e931-49a9-bce3-00366738aea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtNGKPoAMF6UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df987-77a4f8306103dcdf3de7d1fd;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:19 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: J6TTFpH3OGVu4hTFbLlatmlwGGOiEshSdr4xUCdCKog4kUAA5TyBSQ==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:10:54 GMT
age: 14761
etag: "b19dd1d42995ea4242505b152e77835442341581"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff/

104.18.25.120

200 OK

28 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff/
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Size
28 kB (27778 bytes)
Hash
62f484de981c122203b1a7a433b6822d
b4aa72276dee2be4e55ff14b14f160a8402d6ec3
84dd98d0cc98b50002f386a259cbad304dbcc50f5b47bb3b85485b02f1c0d5cb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.86953cd2df4ca879b048a709405fd6d4,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5cf2f190b51-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10158 bytes)
Hash
4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 67643
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12156 bytes)
Hash
af17f003b33d854fd024dcd3980fea27
1282572af57f7d04cae3f736a9b9fcb378efdf70
5e0112558b9196f1025a354f4b69fb02321d9a345c2d302e523001a56b51cc31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12156
x-amzn-requestid: 0640ef42-f082-43cb-9fbb-ba509f7ec1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZXYcIFhmIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63393ab3-2fbc1cf648993ee1346ec9b2;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 07:16:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LZZWZlT3DnlbEyrOaNR-emsGas3uCB6VaQYdTQ76-W0XL7_Yq3BAJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 09:27:45 GMT
age: 60550
etag: "1282572af57f7d04cae3f736a9b9fcb378efdf70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff/

104.18.25.120

200 OK

28 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff/
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Size
28 kB (27940 bytes)
Hash
470333a6ba005078502d7dd7a7d9f4d3
5917ed9572a0f737d04eeb2f07cbe594dc85bf87
a9e935c621335649be99684be9c88bc8ce9cb234b32be99072dd57c9300b9b26

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.f4bce783d8275935dcd992dba0221487,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5cfae6bb505-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff/

104.18.25.120

200 OK

28 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff/
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Size
28 kB (27953 bytes)
Hash
389f385b7805342154e2cf82a6f489bd
626af6cdc887814a5ed2853c046b975ac873b53e
68b91deee1ad64b04c6227e76b66408b28cda7de876b997ff52fd0b214ef33ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.f9ebe98bbf26e37cfba8edeb12a355e1,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5cfdec1b4f4-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff/

104.18.25.120

200 OK

28 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff/
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Size
28 kB (27741 bytes)
Hash
ff6be4911ff84b1e875e04ec0e3c368a
11a724f0c6a961905ee3dee1a445faec2b4679b3
ae317a5aa401a547c472f5ddeb995b67f4f1a1e53651412a972ea95aef2ccaa0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.9c20635c330eb7977cf670840c0789ab,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5cfdf4f0b51-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico/

104.18.25.120

200 OK

28 kB

URL HTTP/1.1
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico/
IP
104.18.25.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Size
28 kB (28129 bytes)
Hash
88f53082711259ae086e56260f720d1b
bfcb72d028455bf33e753158b979dceeb65c5532
3e7d209d2bb30e8a9b4465762b4ad323efbd25122c1c21cf2117fd08d2b3d748

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.3337bd948f63b0ce0a65edc358599b89,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:56 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5d45834b4f4-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations