confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/login.php?usaa/auth/dashboard
104.18.25.120302 Found 27 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/login.php?usaa/auth/dashboard
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2854), with CRLF line terminators
Hash 2c56de0eaf7e69950292955b9b15f2f9
3da12bd186e606e1c7b5009325f3e9d63084bb2b
c6447e38d21fe70d66836b9f569a3d66220e5e0ef8313dcecd5c1b77291fc718
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/login.php?usaa/auth/dashboard HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 06 Oct 2022 02:16:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
location: captcha.php
cache-control: no-cache, no-store, must-revalidate, max-age=0
expires: Thu, 13 Oct 2022 02:16:52 GMT
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c14bd5b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
firefox.settings.services.mozilla.com/v1/
54.230.111.65200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l2wfBnF4GkMYWUwT5wpEWMw6XnoPDT0gr0uo1W2dD_K9wfftnATLWA==
Age: 37774
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6456
Expires: Thu, 06 Oct 2022 04:04:28 GMT
Date: Thu, 06 Oct 2022 02:16:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
54.230.111.14200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 54.230.111.14:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DQr1JGUe7nBTxYAYQr0TKFtUHsYNA7AvkiOdVFpfIjkrFxt6iAj0kA==
age: 80060
X-Firefox-Spdy: h2
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php
104.18.25.120200 OK 6.2 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2869), with CRLF line terminators
Hash 0092087460d92cb51b9fc7a62865db71
036d6731c95dd26969c4899012e8dc48b6c70e47
81f597dc49f5eab7c1a9cafddadf0747bd72fd7eebd715c3c0139725422f39f6
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/captcha.php HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c32c8cb503-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:16:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:16:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash e75e7b4c9bf71c4a14d5e1d1946b161a
36148f31ea702a23a3f0dafd907a9069234021e7
e43b40968f165ec7b121020103aa40529d891aa2d03ead26ed47adefc4d6ab6d
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 06 Oct 2022 02:16:53 GMT
date: Thu, 06 Oct 2022 02:16:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:16:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
104.18.25.120200 OK 22 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
IP 104.18.25.120:0
File type ASCII text, with very long lines (65501)
Hash 0040f6a4a670b3173201505c3a292527
84e83dc000cddc562a680c62b8fe5a7562dc8771
9ccedb5aae19ca4ad4e6b82830431936ba6e8515144296ff96f2b10f7b78c928
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Sat, 05 Nov 2022 02:16:53 GMT
last-modified: Mon, 03 Oct 2022 23:47:29 GMT
etag: W/"199d9-633b7491-ed6344284f51d4c3;;;"
platform: hostinger
x-turbo-charged-by: LiteSpeed
Content-Encoding: gzip
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c47c1d0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/head/fHG6PlGkJkuh_9HPzJECz_j4pH8.js
104.18.25.120200 OK 2.0 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/head/fHG6PlGkJkuh_9HPzJECz_j4pH8.js
IP 104.18.25.120:0
File type ASCII text, with very long lines (1452)
Hash 6f5315e6fda6cac5272dddda7eec7d3c
7c71ba3e51a4264ba1ffd1cfcc9102cff8f8a47f
850d9a89b54ce0bd8df704e064ea9f27e84738d2fe233d17a483607a63754b11
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/apps/head/fHG6PlGkJkuh_9HPzJECz_j4pH8.js HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2010
Connection: keep-alive
x-amz-id-2: LXmP5KbRRd74lL7TVOHvFFFpJyDntIO8Re+zVQ76WLCdTbJuTf6aqREsiGEf8pnEhR+vi+VSGEk=
x-amz-request-id: NB4C7DNR6G676MT7
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 09:56:30 GMT
x-amz-version-id: gFwP9zvZFBbIOCuWDl43k62jDa40ddyw
ETag: "6f5315e6fda6cac5272dddda7eec7d3c"
CF-Cache-Status: MISS
Expires: Fri, 06 Oct 2023 02:16:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c47d0fb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 01:29:33 GMT
Expires: Thu, 06 Oct 2022 01:42:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1zi8VY1sfQjezO2i7FX238ZUWP3xvsXOufe-pvcG0D1WR9uZ_TbYNg==
Age: 2840
confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/body/8YtVgnu1iVJ0fyJzUoJsd_gBizk.js
104.18.25.120200 OK 12 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/cdn-cgi/apps/body/8YtVgnu1iVJ0fyJzUoJsd_gBizk.js
IP 104.18.25.120:0
File type ASCII text, with very long lines (4239)
Hash cf58f616c04a6cdb2ef6796a865ea479
f18b55827bb58952747f227352826c77f8018b39
986db8792f7551383040a69b42d74349ffca3172a86feac7c108041f818d65ef
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/apps/body/8YtVgnu1iVJ0fyJzUoJsd_gBizk.js HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 11654
Connection: keep-alive
x-amz-id-2: hwKXn75uoNLcEnhXdflm8f23LEzrJtXiPRGEFuPCpJOqkcLd9HgfF3c/MOzvloTrTv1BtMoIsS4=
x-amz-request-id: WG1MXYCQ4DGQY9HZ
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 09:56:30 GMT
x-amz-version-id: Jh2_77l9okiEW9Z4naYXi3ToSznL5t5t
ETag: "cf58f616c04a6cdb2ef6796a865ea479"
CF-Cache-Status: HIT
Age: 69449
Expires: Fri, 06 Oct 2023 02:16:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7bd050b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2275
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:16:53 GMT
Last-Modified: Thu, 06 Oct 2022 01:38:59 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2
104.18.25.120301 Moved Permanently 0 B URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2
IP 104.18.25.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2 HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7dd080b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2
104.18.25.120301 Moved Permanently 0 B URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2
IP 104.18.25.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2 HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7ce70b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2
104.18.25.120301 Moved Permanently 0 B URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2
IP 104.18.25.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2 HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7dba1b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2
104.18.25.120301 Moved Permanently 0 B URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2
IP 104.18.25.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2 HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7dc40b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2
104.18.25.120301 Moved Permanently 0 B URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2
IP 104.18.25.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2 HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:53 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5c7dd090b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
push.services.mozilla.com/
35.162.217.251101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.217.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NQAk0/if8MjxwLHOfTc8rg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G8YWaA51Z+cY2MaUA6j0LTkKALI=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:16:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
142.250.74.163200 OK 159 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (711)
Size 159 kB (158844 bytes)
Hash b4ed95d4318e3b78b936c9c0f1ffa96e
b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://confirmation-state-usaa-information-team-online-info.preview-domain.com
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:02:07 GMT
expires: Thu, 05 Oct 2023 21:02:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 18887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:16:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2/
104.18.25.120200 OK 27 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2/
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Hash e876175e4649aa1cbc43ef747a2cc3bc
2e12b07e754191a723efbd471595ee4b5d7bcd50
ae248002c22fd310bed6f38cabf571d915c029c2c054f9a91e41ac667b7eec35
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff2/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.3ed9541600336a2bc33e9332636b4ad7,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c91ed3b503-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico
104.18.25.120301 Moved Permanently 0 B URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico
IP 104.18.25.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5cc3c5cb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2/
104.18.25.120200 OK 27 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2/
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Hash b47255a452b487042f201d3327e68541
120c5f33a564c4dc29bee0183846a861d9a1b065
e35b93096169c884d7bf11ed3c868ac670884b01eb6b15e0e4eafe417316c8b7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff2/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.85976ef6405dcdc4f5f93e562b5c3c15,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c91d470b51-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2/
104.18.25.120200 OK 27 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2/
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Hash 36bbf6fcf71f4818181bf448e07e6227
3468eb3bcdedab9d10eae45f66237438e9824c97
59b6f2d44e001ee6c55d6ff45f6ec6c431c38ab060cb7ed4aba765677bc0295a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff2/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.7764e6acc8c9fc2a1f75ff52c39c947f,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c91bfbb505-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff
104.18.25.120301 Moved Permanently 0 B URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff
IP 104.18.25.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5cd68dfb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2/
104.18.25.120200 OK 27 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2/
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Hash 99190558af2c7dcb047fbf655ddcb5d1
fb17e1b2ab5a1e205e81a0f0aa2659274b8eaa2a
e380577c6fb1f06753d4db36b7e1cebc0b56fef2912dcc0f57cff5f9206e1831
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff2/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.d91cf6b9501814d32cb344bc62b845e1,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c91c87b4f4-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2/
104.18.25.120200 OK 27 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2/
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Hash ce6f857136779730a1a9af704f2ae12a
b6c6f2973f51205d29b063ff94b91453cd74a07c
663e62d9b53c117ab9321c2f656b0b6cb9e3b71faec15ec3e8e9bd00b52caa4e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff2/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.26ed341e12cf9cf43680b4ca35f21fc3,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5c90d450b51-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff
104.18.25.120301 Moved Permanently 0 B URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff
IP 104.18.25.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5ce1ec90b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff
104.18.25.120301 Moved Permanently 0 B URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff
IP 104.18.25.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5ce3e07b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff
104.18.25.120301 Moved Permanently 0 B URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff
IP 104.18.25.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:54 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5ceae67b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 395096
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff
104.18.25.120301 Moved Permanently 0 B URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff
IP 104.18.25.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
x-redirect-by: WordPress
location: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff/
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755ae5ceaef40b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff/
104.18.25.120200 OK 28 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff/
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Hash 63cf24e35d97b930ed5b2128a620da00
33689675c55c736362b859eac08a82b4296155b6
58644be51b3a8cd5bd544a5a9951f6f4efb589df6c9f9507d878e1146845294d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/C1B705B7AD8D5B4C6.woff/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.51f1817cab16a5cd8530bc99901ab1c5,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5ce7d08b50f-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5845
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 02:16:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5845
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 02:16:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5845
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 02:16:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5845
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 02:16:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf3cf74b-e020-403d-b52e-28fa9422685f.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf3cf74b-e020-403d-b52e-28fa9422685f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3222f99612aade6e826abd0777d174ab
87a07ee9edaede64877f4fb54343aacd5aa01fcf
18f2f9a9fa80180dda5cab4593580eff2345829c3a90304437987ce603b8f4c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf3cf74b-e020-403d-b52e-28fa9422685f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 7debdc13-fb3c-491b-bda0-c1626ab713f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPZNESDoAMFzNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df907-4502eff80aef2cd33080075e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 8BU057ZZmvAbEwso8F8QPIGXQeRjGB8nO3QJYQekMorUj-8AFO5Z6Q==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:47:36 GMT
etag: "87a07ee9edaede64877f4fb54343aacd5aa01fcf"
content-type: image/jpeg
age: 16159
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00e43396123462b87cf3d3592dd71f02
8c895a5716462c161f98637053cac4469eaaea33
2fc70d34c11b2fc338714930bdf6efa14a1c3d4d7560a43061aea41c83ec4d2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10390
x-amzn-requestid: 3a01001b-3f8a-4118-9cce-af68e92b78bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjP2EEV4oAMFcqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df9c0-254f65637b3d98f8268fe321;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:40:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 7PsyVPG6o3G08CoNRuiY3iS-JL658WfKzUZQQTy4coWbKlYIQn5-Eg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:45:34 GMT
age: 16281
etag: "8c895a5716462c161f98637053cac4469eaaea33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2e00e7f6054a915275111712ae68feb
016d84f56f97f1ab12c4046177e3e809aa861729
d042df692c87770504eaa80dae07601163a3b330061b5b9ec7b66a2bec759150
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11478
x-amzn-requestid: d058c900-2b03-4373-aa5b-0d91128de0e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQiMGXDIAMFbVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfada-743a7dda1804ecb76ae96592;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:58 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Geyupd7DZO0XRtj6uKJM-il3wOu82I2N26-vLgJCxYlid1Csm-fYxQ==
via: 1.1 58f9a50682bb94842197f3e957919c60.cloudfront.net (CloudFront), 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:01:17 GMT
age: 15338
etag: "016d84f56f97f1ab12c4046177e3e809aa861729"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 746e3c38e01d58e6fa0728798221a830
b19dd1d42995ea4242505b152e77835442341581
c524a2e7e29690030b7402077f711e643674c8f42de071214f3909b447fb1e3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6933
x-amzn-requestid: aa50b0cd-e931-49a9-bce3-00366738aea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtNGKPoAMF6UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df987-77a4f8306103dcdf3de7d1fd;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:19 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: J6TTFpH3OGVu4hTFbLlatmlwGGOiEshSdr4xUCdCKog4kUAA5TyBSQ==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:10:54 GMT
age: 14761
etag: "b19dd1d42995ea4242505b152e77835442341581"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff/
104.18.25.120200 OK 28 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff/
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Hash 62f484de981c122203b1a7a433b6822d
b4aa72276dee2be4e55ff14b14f160a8402d6ec3
84dd98d0cc98b50002f386a259cbad304dbcc50f5b47bb3b85485b02f1c0d5cb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9ECBC8FFB535D0532.woff/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.86953cd2df4ca879b048a709405fd6d4,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5cf2f190b51-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 67643
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af17f003b33d854fd024dcd3980fea27
1282572af57f7d04cae3f736a9b9fcb378efdf70
5e0112558b9196f1025a354f4b69fb02321d9a345c2d302e523001a56b51cc31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12156
x-amzn-requestid: 0640ef42-f082-43cb-9fbb-ba509f7ec1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZXYcIFhmIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63393ab3-2fbc1cf648993ee1346ec9b2;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 07:16:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LZZWZlT3DnlbEyrOaNR-emsGas3uCB6VaQYdTQ76-W0XL7_Yq3BAJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 09:27:45 GMT
age: 60550
etag: "1282572af57f7d04cae3f736a9b9fcb378efdf70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff/
104.18.25.120200 OK 28 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff/
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Hash 470333a6ba005078502d7dd7a7d9f4d3
5917ed9572a0f737d04eeb2f07cbe594dc85bf87
a9e935c621335649be99684be9c88bc8ce9cb234b32be99072dd57c9300b9b26
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/E83D71A074DF776F4.woff/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.f4bce783d8275935dcd992dba0221487,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5cfae6bb505-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff/
104.18.25.120200 OK 28 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff/
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Hash 389f385b7805342154e2cf82a6f489bd
626af6cdc887814a5ed2853c046b975ac873b53e
68b91deee1ad64b04c6227e76b66408b28cda7de876b997ff52fd0b214ef33ed
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/F68DD4439278D0467.woff/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.f9ebe98bbf26e37cfba8edeb12a355e1,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5cfdec1b4f4-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff/
104.18.25.120200 OK 28 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff/
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Hash ff6be4911ff84b1e875e04ec0e3c368a
11a724f0c6a961905ee3dee1a445faec2b4679b3
ae317a5aa401a547c472f5ddeb995b67f4f1a1e53651412a972ea95aef2ccaa0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/assets/css/9C7F15704715916A9.woff/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/assets/css/ent-unified-logon-web.5ebf7a63de6bdd733dbd.css
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.9c20635c330eb7977cf670840c0789ab,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:55 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5cfdf4f0b51-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico/
104.18.25.120200 OK 28 kB URL HTTP/1.1 confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico/
IP 104.18.25.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56416), with CRLF, LF line terminators
Hash 88f53082711259ae086e56260f720d1b
bfcb72d028455bf33e753158b979dceeb65c5532
3e7d209d2bb30e8a9b4465762b4ad323efbd25122c1c21cf2117fd08d2b3d748
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-admin/css/colors/ectoplasm/web/home/host/favicon.ico/ HTTP/1.1
Host: confirmation-state-usaa-information-team-online-info.preview-domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://confirmation-state-usaa-information-team-online-info.preview-domain.com/wp-admin/css/colors/ectoplasm/web/home/host/captcha.php
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:16:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
x-pingback: http://confirmation-state-usaa-information-team-online.info/xmlrpc.php
link: <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/>; rel="https://api.w.org/", <http://confirmation-state-usaa-information-team-online.info/index.php?rest_route=/wp/v2/pages/574>; rel="alternate"; type="application/json", <http://confirmation-state-usaa-information-team-online.info/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 169_HTTP.200,169_front,169_URL.3337bd948f63b0ce0a65edc358599b89,169_F,169_Po.574,169_PGS,169_
cache-control: public, max-age=604800
expires: Thu, 13 Oct 2022 02:16:56 GMT
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755ae5d45834b4f4-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400