omg-group.com Open in urlscan Pro
2a06:98c1:3121::c  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request EDDUpdateForm.html Show response omg-group.com/wp-admin/includes/tt/	42 KB 7 KB	387ms 320ms	Document text/html	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3858f34e4486a332c393949478d230625a2c07507dd54bfe274cafb93cadbb3a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 732988924aafb8bb-AMS content-encoding br content-type text/html date Fri, 29 Jul 2022 23:11:24 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Wed, 27 Jul 2022 15:28:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDo%2ByFQ4Y64Iok%2Fb40FLtQMu4qB2%2BeGBKCEbuwhQtkKNKy0Ihthb4xAhHFQDExjs0alSx1vRYVMM%2Bc8eevhSrVb228xflpFpEC04SBEncbFSuRjZVqpeT1IXZyB6QTWeEF8M90VPMiRhzLNA"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	css www.visaprepaidprocessing.com/bundles/foundation/	2 KB 1 KB	311ms 197ms	Stylesheet text/css	172.64.147.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/foundation/css?v=TgYukCV0BSpb98GObtBe6i9KeBqBppGV5EzParDKRD011 Requested by Host: omg-group.com URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 172.64.147.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9125b08d73099fe6cc8ec181f39edc63439b48442010ec2635791578f9e3b4ed Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language nl-NL,nl;q=0.9 Referer https://omg-group.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 29 Jul 2022 23:11:25 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-opnet-transaction-trace a2_7cdc69d0-5a68-4884-8b5c-b30b864ad639-66112-300462 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/css; charset=utf-8 cache-control no-cache cf-ray 73298894fa28b933-AMS expires -1
GET H2	200	css www.visaprepaidprocessing.com/bundles/	290 KB 48 KB	279ms 166ms	Stylesheet text/css	172.64.147.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/css?v=wAZASNxRNEHvELh5VVy5mcxHM2kaP7CFlrsQ-TKMrzc11 Requested by Host: omg-group.com URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 172.64.147.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d926638fec19cfb6b7c198a7cbd5ba4933a966bc20aea5fb14db35c3318c46c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language nl-NL,nl;q=0.9 Referer https://omg-group.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 29 Jul 2022 23:11:25 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-opnet-transaction-trace a2_6d634057-c9de-4062-9663-46032a5649db-37404-297456 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/css; charset=utf-8 cache-control no-cache cf-ray 73298894fa29b933-AMS expires -1
GET H2	200	preventEarlyClickCss www.visaprepaidprocessing.com/bundles/	45 B 353 B	280ms 167ms	Stylesheet text/css	172.64.147.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/preventEarlyClickCss?v=AjE3qz4xe4LPPh9UwnSuF7YqcFXF2UG5PMA-GpfTe5c11 Requested by Host: omg-group.com URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 172.64.147.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42a0994f945e96989c7b09cd6d4c08fced929ce73f63396a83b3f071720c3c49 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language nl-NL,nl;q=0.9 Referer https://omg-group.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 29 Jul 2022 23:11:25 GMT cf-cache-status DYNAMIC server cloudflare x-opnet-transaction-trace a2_c5300be7-411c-4405-85ee-c6471f5e4d6b-66196-299435 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/css; charset=utf-8 cache-control no-cache cf-ray 732988950a2bb933-AMS content-length 45 expires -1
GET H2	200	site.css www.visaprepaidprocessing.com/content/PRC384/CP384-T03-019/_Styles/	65 KB 13 KB	710ms 597ms	Stylesheet text/css	172.64.147.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/content/PRC384/CP384-T03-019/_Styles/site.css Requested by Host: omg-group.com URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 172.64.147.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ac51812f3c5052b6c14281e132a55b2c5603b4170e8440cca32ebbff26fe866 Request headers accept-language nl-NL,nl;q=0.9 Referer https://omg-group.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 29 Jul 2022 23:11:25 GMT content-encoding br cf-cache-status MISS last-modified Mon, 11 May 2020 16:57:38 GMT server cloudflare etag W/"456f1a47b527d61:0" x-opnet-transaction-trace a2_ee6ee5ba-e1bf-4382-903b-76903af7c3b5-34644-305250 vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/css cache-control public, max-age=14400 cf-ray 732988950a2cb933-AMS expires Sat, 30 Jul 2022 03:11:25 GMT
GET H2	200	logo.png www.visaprepaidprocessing.com/content/PRC384/CP384-T03-019/_Images/	8 KB 8 KB	301ms 202ms	Image image/png	172.64.147.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.visaprepaidprocessing.com/content/PRC384/CP384-T03-019/_Images/logo.png Requested by Host: omg-group.com URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 172.64.147.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad62eb85667532488d032273c196c7ea1c10e0897223c4b66cd38b8c5e5215a4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://omg-group.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 29 Jul 2022 23:11:25 GMT cf-cache-status REVALIDATED last-modified Tue, 15 Oct 2019 14:27:22 GMT server cloudflare etag "d8d87ca86483d51:0" x-opnet-transaction-trace a2_6fdc4a17-db5d-4d74-b0f7-2034b7ccd282-64816-171597 vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 732988950a2db933-AMS content-length 7719 expires Sat, 30 Jul 2022 03:11:25 GMT
GET H2	404	load.gif ppllabs.com/wp-content/uploads/2018/10/	0 0	419ms 290ms	Image text/html	54.194.170.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ppllabs.com/wp-content/uploads/2018/10/load.gif Requested by Host: omg-group.com URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.194.170.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-170-100.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://omg-group.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers
GET H2	200	print www.visaprepaidprocessing.com/bundles/css/	2 KB 862 B	306ms 208ms	Stylesheet text/css	172.64.147.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/css/print?v=JPgM1hk5e3sLqXHZFVWtkkRA7MMTcH6t30yiIk5dBDo11 Requested by Host: omg-group.com URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 172.64.147.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e2aabe93299c82250d8d6952e7eec0d120c95b45ddc24175f187dd530543205 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language nl-NL,nl;q=0.9 Referer https://omg-group.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Fri, 29 Jul 2022 23:11:25 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-opnet-transaction-trace a2_7cdc69d0-5a68-4884-8b5c-b30b864ad639-66112-300463 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/css; charset=utf-8 cache-control no-cache cf-ray 732988950a2fb933-AMS expires -1
GET H2	200	California-Emplorment-Development-Department.png risingsunopp.org/wp-content/uploads/	38 KB 39 KB	787ms 156ms	Image image/png	35.196.226.51 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://risingsunopp.org/wp-content/uploads/California-Emplorment-Development-Department.png Requested by Host: omg-group.com URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.196.226.51 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 51.226.196.35.bc.googleusercontent.com Software nginx / Resource Hash e42a916188a514a0a199e43604cade7a8ea93c324b5b661a5dbb11055d10d459 Request headers accept-language nl-NL,nl;q=0.9 Referer https://omg-group.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 29 Jul 2022 23:11:25 GMT last-modified Mon, 10 Jun 2019 17:08:24 GMT server nginx etag "5cfe8e88-9931" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 39217
GET H2	200	EmailLogo.png www.visaprepaidprocessing.com/content/PRC384/_images/	4 KB 4 KB	179ms 179ms	Image image/png	172.64.147.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.visaprepaidprocessing.com/content/PRC384/_images/EmailLogo.png Requested by Host: omg-group.com URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 172.64.147.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db86fe978fad3c304c1c8b6ab1f65f409c16137076caec52fdfba3a18fbeebdb Request headers accept-language nl-NL,nl;q=0.9 Referer https://omg-group.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 29 Jul 2022 23:11:25 GMT cf-cache-status REVALIDATED last-modified Thu, 27 Aug 2020 16:15:23 GMT server cloudflare etag "805f2c448d7cd61:0" x-opnet-transaction-trace a2_afb08176-75d1-4bd8-9af0-244f2f8d5cf5-27732-590919 vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 732988958b17b933-AMS content-length 3908 expires Sat, 30 Jul 2022 03:11:25 GMT
GET H2	200	smtp.js Show response smtpjs.com/v3/	871 B 1 KB	99ms 29ms	Script application/javascript	109.169.71.112 IOMART-AS
General Check archive.org Show headers Download Go to Full URL https://smtpjs.com/v3/smtp.js Requested by Host: omg-group.com URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.169.71.112 Altrincham, United Kingdom, ASN20860 (IOMART-AS, GB), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776 Request headers accept-language nl-NL,nl;q=0.9 Referer https://omg-group.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 29 Jul 2022 23:11:24 GMT last-modified Tue, 10 Nov 2020 17:17:51 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "162f436b85b7d61:0" content-type application/javascript access-control-allow-origin * accept-ranges bytes content-length 871
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.2.1/	85 KB 30 KB	101ms 32ms	Script text/javascript	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js Requested by Host: omg-group.com URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://omg-group.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 29 Jul 2022 22:17:42 GMT content-encoding gzip x-content-type-options nosniff age 3223 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30306 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 29 Jul 2023 22:17:42 GMT
GET		OpenSans-Regular-webfont.woff www.visaprepaidprocessing.com/Content/_Fonts/	0 0
GET		Connections.woff www.visaprepaidprocessing.com/content/PRC384/_Fonts/	0 0
GET		OpenSans-Bold-webfont.woff www.visaprepaidprocessing.com/Content/_Fonts/	0 0
GET H/1.1	200 OK	/ Show response api.ipify.org/	23 B 253 B	330ms 106ms	XHR application/json	54.91.59.199 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-91-59-199.compute-1.amazonaws.com Software Cowboy / Resource Hash 8af7d552d1d7bbef86337919a96296108284fd607d8eba3644affea54fc9ba3c Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://omg-group.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 29 Jul 2022 23:11:25 GMT Via 1.1 vegur Server Cowboy Vary Origin Content-Type application/json Access-Control-Allow-Origin https://omg-group.com Connection keep-alive Content-Length 23
GET		OpenSans-Regular-webfont.ttf www.visaprepaidprocessing.com/Content/_Fonts/	0 0
GET		OpenSans-Bold-webfont.ttf www.visaprepaidprocessing.com/Content/_Fonts/	0 0
GET		Connections.ttf www.visaprepaidprocessing.com/content/PRC384/_Fonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.visaprepaidprocessing.com

URL

https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Regular-webfont.woff

Domain

www.visaprepaidprocessing.com

URL

https://www.visaprepaidprocessing.com/content/PRC384/_Fonts/Connections.woff

Domain

www.visaprepaidprocessing.com

URL

https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Bold-webfont.woff

Domain

www.visaprepaidprocessing.com

URL

https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Regular-webfont.ttf

Domain

www.visaprepaidprocessing.com

URL

https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Bold-webfont.ttf

Domain

www.visaprepaidprocessing.com

URL

https://www.visaprepaidprocessing.com/content/PRC384/_Fonts/Connections.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Email function| sendEmailL function| sendEmailC function| sendEmail function| sendEmail2 function| sendEmail3 function| sendEmail4 function| sendEmail5 function| sendEmail6 function| $ function| jQuery

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.visaprepaidprocessing.com/	1970-01-20 04:53:39	Name: __cflb Value: 0H28uxchcBYFcUJ7agzKikmQw5nqRP3uKP1hhAdEzma
			.visaprepaidprocessing.com/	1969-12-31 23:59:59	Name: __cfruid Value: db5d826786644fe56b57b88f2b3b3813c8778c85-1659136285
			.visaprepaidprocessing.com/	1970-01-20 04:52:18	Name: __cf_bm Value: D0rcQkcS.TCbhBYy2nqDYFMp9NXusiuvdALzWavMw5k-1659136285-0-AabmN1Non4M8cxshFQR/XzKNJ1AhpiqBMmAZ7+3ucykjSOAWCAZ2JuVTKt9Dx2124qWCNWsSP/Uo0R1HRrjktQM=

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ppllabs.com/wp-content/uploads/2018/10/load.gif Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Message: Access to font at 'https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Regular-webfont.woff' from origin 'https://omg-group.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Regular-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Message: Access to font at 'https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Bold-webfont.woff' from origin 'https://omg-group.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Bold-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Message: Access to font at 'https://www.visaprepaidprocessing.com/content/PRC384/_Fonts/Connections.woff' from origin 'https://omg-group.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.visaprepaidprocessing.com/content/PRC384/_Fonts/Connections.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Message: Access to font at 'https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Bold-webfont.ttf' from origin 'https://omg-group.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Bold-webfont.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Message: Access to font at 'https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Regular-webfont.ttf' from origin 'https://omg-group.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.visaprepaidprocessing.com/Content/_Fonts/OpenSans-Regular-webfont.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://omg-group.com/wp-admin/includes/tt/EDDUpdateForm.html Message: Access to font at 'https://www.visaprepaidprocessing.com/content/PRC384/_Fonts/Connections.ttf' from origin 'https://omg-group.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.visaprepaidprocessing.com/content/PRC384/_Fonts/Connections.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.ipify.org
omg-group.com
ppllabs.com
risingsunopp.org
smtpjs.com
www.visaprepaidprocessing.com
www.visaprepaidprocessing.com
109.169.71.112
172.64.147.33
2a00:1450:4001:803::200a
2a06:98c1:3121::c
35.196.226.51
54.194.170.100
54.91.59.199
1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776
3858f34e4486a332c393949478d230625a2c07507dd54bfe274cafb93cadbb3a
42a0994f945e96989c7b09cd6d4c08fced929ce73f63396a83b3f071720c3c49
5e2aabe93299c82250d8d6952e7eec0d120c95b45ddc24175f187dd530543205
6d926638fec19cfb6b7c198a7cbd5ba4933a966bc20aea5fb14db35c3318c46c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8af7d552d1d7bbef86337919a96296108284fd607d8eba3644affea54fc9ba3c
9125b08d73099fe6cc8ec181f39edc63439b48442010ec2635791578f9e3b4ed
9ac51812f3c5052b6c14281e132a55b2c5603b4170e8440cca32ebbff26fe866
ad62eb85667532488d032273c196c7ea1c10e0897223c4b66cd38b8c5e5215a4
db86fe978fad3c304c1c8b6ab1f65f409c16137076caec52fdfba3a18fbeebdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a916188a514a0a199e43604cade7a8ea93c324b5b661a5dbb11055d10d459