landingst.wpengine.com Open in urlscan Pro
35.196.26.136 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://landingst.wpengine.com/bofa-test-landing-page/
Submission: On August 22 via manual (August 22nd 2023, 9:57:59 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 35.196.26.136, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is landingst.wpengine.com.

This is the only time landingst.wpengine.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 15	35.196.26.136 35.196.26.136	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2606:4700::68... 2606:4700::6810:d515	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2

15 35.196.26.136 (North Charleston, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 136.26.196.35.bc.googleusercontent.com

landingst.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:d515 (United States)

ASN13335 (CLOUDFLARENET, US)

file.virginpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	wpengine.com 1 redirects landingst.wpengine.com	208 KB
5	virginpulse.com file.virginpulse.com — Cisco Umbrella Rank: 84607	695 KB
19	2

	Domain	Requested by
15	landingst.wpengine.com	1 redirects landingst.wpengine.com
5	file.virginpulse.com	landingst.wpengine.com
19	2

This site contains links to these domains. Also see Links.

Domain
app.member.virginpulse.com
enroll.virginpulse.com
support.mywellnessresources.com

Subject Issuer	Validity	Valid
member.virginpulse.com DigiCert SHA2 Secure Server CA	`2022-12-05` - `2023-12-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://landingst.wpengine.com/bofa-test-landing-page/
Frame ID: 10EC533A9AFF42D667988391DA1F8D9D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyWellness - Landing Page Test

Page URL History Show full URLs

http://landingst.wpengine.com/bofa-test-landing-page HTTP 301
http://landingst.wpengine.com/bofa-test-landing-page/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

26 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

902 kB
Transfer

1212 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://app.member.virginpulse.com/
Title: Active Employees

Search URL Search Domain Scan URL

URL: https://enroll.virginpulse.com/#/sponsors/5272/enrollmentGroups/3637
Title: Employee

Search URL Search Domain Scan URL

URL: https://enroll.virginpulse.com/#/sponsors/5272/enrollmentGroups/3638
Title: Spouse or partner

Search URL Search Domain Scan URL

URL: https://support.mywellnessresources.com/
Title: Have questions? Get answers.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://landingst.wpengine.com/bofa-test-landing-page HTTP 301
http://landingst.wpengine.com/bofa-test-landing-page/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
landingst.wpengine.com/bofa-test-landing-page/
Redirect Chain

http://landingst.wpengine.com/bofa-test-landing-page
http://landingst.wpengine.com/bofa-test-landing-page/

10 KB
4 KB

122ms
121ms

Document
text/html

35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

http://landingst.wpengine.com/bofa-test-landing-page/

Protocol

HTTP/1.1

Server

35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

136.26.196.35.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

f3e8833b989e30d3b091afec83d2e6b7f72635c63936e17d327435ee7c4e061a

Security Headers

Name

Value

Content-Security-Policy

default-src 'self';script-src 'self' https://js-agent.newrelic.com/ https://code.jquery.com/ https://cdnjs.cloudflare.com/ https://stackpath.bootstrapcdn.com/ https://ajax.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://landing.virginpulse.com/ https://www.googletagmanager.com/ 'unsafe-inline';script-src-elem 'self' https://js-agent.newrelic.com/ https://code.jquery.com/ https://cdnjs.cloudflare.com/ https://stackpath.bootstrapcdn.com/ https://ajax.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://landing.virginpulse.com/ https://www.googletagmanager.com/ 'unsafe-inline';style-src 'self' https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://landing.virginpulse.com/ https://stackpath.bootstrapcdn.com/ 'unsafe-inline';style-src-elem 'self' https://maxcdn.bootstrapcdn.com/ https://fonts.googleapis.com/ https://landing.virginpulse.com/ https://stackpath.bootstrapcdn.com/ 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://maxcdn.bootstrapcdn.com/ data:;img-src * 'self' data: https:;

Strict-Transport-Security

includeSubdomains; preload; max-age=63072000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=600, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'self';script-src 'self' https://js-agent.newrelic.com/ https://code.jquery.com/ https://cdnjs.cloudflare.com/ https://stackpath.bootstrapcdn.com/ https://ajax.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://landing.virginpulse.com/ https://www.googletagmanager.com/ 'unsafe-inline';script-src-elem 'self' https://js-agent.newrelic.com/ https://code.jquery.com/ https://cdnjs.cloudflare.com/ https://stackpath.bootstrapcdn.com/ https://ajax.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://landing.virginpulse.com/ https://www.googletagmanager.com/ 'unsafe-inline';style-src 'self' https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://landing.virginpulse.com/ https://stackpath.bootstrapcdn.com/ 'unsafe-inline';style-src-elem 'self' https://maxcdn.bootstrapcdn.com/ https://fonts.googleapis.com/ https://landing.virginpulse.com/ https://stackpath.bootstrapcdn.com/ 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://maxcdn.bootstrapcdn.com/ data:;img-src * 'self' data: https:;
Content-Type: text/html; charset=UTF-8
Date: Tue, 22 Aug 2023 21:57:52 GMT
Keep-Alive: timeout=20
Link: <https://landingst.wpengine.com/?p=454>; rel=shortlink
Server: nginx
Strict-Transport-Security: includeSubdomains; preload; max-age=63072000;
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
X-Cache: HIT: 17
X-Cache-Group: normal
X-Cacheable: SHORT
X-WPE-Request-ID: 88e3afa45de2d287339a179ac50eeb35
x-powered-by: WP Engine

Redirect headers

Cache-Control: max-age=600, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 22 Aug 2023 21:57:52 GMT
Keep-Alive: timeout=20
Location: http://landingst.wpengine.com/bofa-test-landing-page/
Server: nginx
Strict-Transport-Security: includeSubdomains; preload; max-age=63072000;
X-Cache: HIT: 17
X-Cache-Group: normal
X-Cacheable: non200
X-Redirect-By: WordPress
X-WPE-Request-ID: 09650d096f5c32004a69f6e6a9f7b41f
x-powered-by: WP Engine

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/js/ 94 KB
33 KB 247ms
126ms Script
application/javascript 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/js/jquery-1.11.1.min.js
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/bofa-test-landing-page/
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/bofa-test-landing-page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 09:53:23 GMT
Server: nginx
ETag: W/"64ccca93-1762a"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-WPE-Request-ID: b4cef7e2dd3f8f0893ce113658eeb74e
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK MyWellnessLandingPageTest.js Show response
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/js/ 363 B
665 B 244ms
124ms Script
application/javascript 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/js/MyWellnessLandingPageTest.js
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/bofa-test-landing-page/
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 29bfb6629dc9eb56bcb6c99c09f9544c95cf98ed0ceacc80d119fad11b8f2199

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/bofa-test-landing-page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Aug 2023 10:07:16 GMT
Server: nginx
ETag: W/"64d60854-16b"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-WPE-Request-ID: 0d1bfb3df1d25793a2521e860a7148a7
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK bootstrap.min.css
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/ 138 KB
21 KB 243ms
127ms Stylesheet
text/css 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/bootstrap.min.css
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/bofa-test-landing-page/
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/bofa-test-landing-page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 09:53:23 GMT
Server: nginx
ETag: W/"64ccca93-22682"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
X-WPE-Request-ID: d71057aa32b670f4fbfc8fa733b8a40b
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK font_awesome.css
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/fonts/ 46 KB
10 KB 240ms
122ms Stylesheet
text/css 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/fonts/font_awesome.css
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/bofa-test-landing-page/
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/bofa-test-landing-page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 09:53:23 GMT
Server: nginx
ETag: W/"64ccca93-b752"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
X-WPE-Request-ID: d53decec0eac9781976989c6a72dc864
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK MyWellnessLandingPageTest.css
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/ 47 KB
6 KB 242ms
124ms Stylesheet
text/css 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/MyWellnessLandingPageTest.css
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/bofa-test-landing-page/
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a80fb032e98ea1dc965aef77ae04d37d5119fbbcc2c2b676af36736c1d8defc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/bofa-test-landing-page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 09:53:23 GMT
Server: nginx
ETag: W/"64ccca93-bc87"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
X-WPE-Request-ID: d240e72cc0c49c68a472f718e085ff95
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK MyWellnessLandingPageTestMain.css
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/ 8 KB
2 KB 243ms
123ms Stylesheet
text/css 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/MyWellnessLandingPageTestMain.css
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/bofa-test-landing-page/
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 89bd383b8a393e6bf45d5e65d1db9b956a96af1c81a6d47de78c636fc4b93195

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/bofa-test-landing-page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 09:53:23 GMT
Server: nginx
ETag: W/"64ccca93-2060"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
X-WPE-Request-ID: d5c16f77a5e44f658b1651badaa6fbae
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 8T4onPXoTRSdutypCXbM
file.virginpulse.com/api/file/ 38 KB
39 KB 186ms
121ms Image
image/png 2606:4700::6810:d515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.virginpulse.com/api/file/8T4onPXoTRSdutypCXbM
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/bofa-test-landing-page/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:d515 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:57:53 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 4c7862a49cd83c3f3532e46f49fb0cf6.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: MXP64-C1
age: 390073
x-cache: Hit from cloudfront
content-disposition: inline; filename="bofaLogoMobile_v2.png"
content-length: 39422
x-served-by: cache-iad-kjyo7100069-IAD, cache-fra-etou8220039-FRA
last-modified: Fri, 18 Aug 2023 09:36:40 GMT
server: cloudflare
x-timer: S1692624266.541514,VS0,VE2
etag: "49bc9262c4a31f1ee2ca2dd5e1dc8588"
x-file-name: bofaLogoMobile_v2.png
access-control-max-age: 21600
access-control-allow-methods: DELETE, GET, HEAD, POST, PUT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
cache-control: public, max-age=2678400
filestack-trace-id: 1692351400-scROPRpPQj
accept-ranges: bytes
cf-ray: 7fae5fc03f8e3668-FRA
access-control-allow-headers: Content-Type, X-No-Stream
x-amz-cf-id: MwJy_42HhKIg-YDLpKiovzPCP_HUPOFyFyL38HHlpoAJ_6tp8SaqEw==
x-cache-hits: 1, 1

GET
H/1.1 200
OK vplogo.svg
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/images/ 6 KB
3 KB 122ms
122ms Image
image/svg+xml 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/images/vplogo.svg
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/bofa-test-landing-page/
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c79bca43366afd3cd4a2d29b9c60f24296b21dd03a3e60ec82510a31376ae4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/bofa-test-landing-page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 09:53:23 GMT
Server: nginx
ETag: W/"64ccca93-192b"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
X-WPE-Request-ID: 341b6b90bccf7af888a2adb3750cb497
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 UDGg9V3FQbSortmkuCi5
file.virginpulse.com/api/file/ 2 KB
3 KB 209ms
144ms Image
image/png 2606:4700::6810:d515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.virginpulse.com/api/file/UDGg9V3FQbSortmkuCi5
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/bofa-test-landing-page/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:d515 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01af9483640011690a6765137ab76b11e13f10fb09c397decb3f5fc566598cd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:57:53 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 c2015c52d38ccde0fdca03737208f710.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: MXP64-C1
age: 980164
x-cache: Hit from cloudfront
content-disposition: inline; filename="faq_icon.png"
content-length: 2017
x-served-by: cache-iad-kjyo7100133-IAD, cache-fra-etou8220100-FRA
last-modified: Fri, 04 Aug 2023 09:38:36 GMT
server: cloudflare
x-timer: S1692649725.913414,VS0,VE91
etag: "03dca9508cdfa2a37b898cb5d242eace"
x-file-name: faq_icon.png
access-control-max-age: 21600
access-control-allow-methods: DELETE, GET, HEAD, POST, PUT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
cache-control: public, max-age=2678400
filestack-trace-id: 1691761308-hFJIEfQHmp
accept-ranges: bytes
cf-ray: 7fae5fc03f8f3668-FRA
access-control-allow-headers: Content-Type, X-No-Stream
x-amz-cf-id: Mw6jP1kHaoEoJEItoXrnE0ZL--ccyWupBGlRF-tBkeXO89Rq5BaRRA==
x-cache-hits: 8, 0

GET
H/1.1 200
OK popper.min.js Show response
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/js/ 20 KB
8 KB 123ms
123ms Script
application/javascript 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/js/popper.min.js
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/bofa-test-landing-page/
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/bofa-test-landing-page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 09:53:23 GMT
Server: nginx
ETag: W/"64ccca93-4f71"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-WPE-Request-ID: 47beeefccca17d4e0cbdee77e388dbf7
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK bootstrap.min.js Show response
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/js/ 50 KB
14 KB 122ms
122ms Script
application/javascript 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/js/bootstrap.min.js
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/bofa-test-landing-page/
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/bofa-test-landing-page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 09:53:23 GMT
Server: nginx
ETag: W/"64ccca93-c62b"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-WPE-Request-ID: a0187c61ec1499251f8d1c1c101de283
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 sFWQiaS5R2OBw4GPp0FF
file.virginpulse.com/api/file/ 637 KB
638 KB 184ms
122ms Image
image/jpeg 2606:4700::6810:d515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.virginpulse.com/api/file/sFWQiaS5R2OBw4GPp0FF
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/MyWellnessLandingPageTest.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:d515 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9515879203b02be14bfe0489659aa94689be2d1afe845edd72e478fcfd02e4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:57:53 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 ab6f11597d22bd0292d6b657e4418dd2.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: MXP64-C1
age: 1602491
x-cache: Hit from cloudfront
content-disposition: inline; filename="bofaNewBackground.jpeg"
content-length: 652134
x-served-by: cache-iad-kiad7000176-IAD, cache-fra-etou8220045-FRA
last-modified: Fri, 04 Aug 2023 08:49:41 GMT
server: cloudflare
x-timer: S1692613799.151879,VS0,VE4
etag: "ad547e7ed5f2b4340c4601afc36c62dc"
x-file-name: bofaNewBackground.jpeg
access-control-max-age: 21600
access-control-allow-methods: DELETE, GET, HEAD, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
cache-control: public, max-age=2678400
filestack-trace-id: 1691138982-pcPeS38fRK
accept-ranges: bytes
cf-ray: 7fae5fc03f933668-FRA
access-control-allow-headers: Content-Type, X-No-Stream
x-amz-cf-id: nEIFCS_xEEW7lpI_I64Ohbvrxup8mX9OGWgvGba_3YOn0efK8E26sA==
x-cache-hits: 1, 1

GET
H2 200 sY192fTCScqvumVcgCU9
file.virginpulse.com/api/file/ 6 KB
7 KB 204ms
144ms Image
image/png 2606:4700::6810:d515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.virginpulse.com/api/file/sY192fTCScqvumVcgCU9
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/MyWellnessLandingPageTest.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:d515 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fbd21036cac49160f608b63831bb0e1cec9b75dfaab1243daab5b7894543421

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:57:53 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 d64f2c2143842e4fb6820056f2f13c48.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: MXP64-C1
age: 1599954
x-cache: Hit from cloudfront
content-disposition: inline; filename="employee.png"
content-length: 6298
x-served-by: cache-iad-kiad7000048-IAD, cache-fra-etou8220100-FRA
last-modified: Fri, 04 Aug 2023 09:31:59 GMT
server: cloudflare
x-timer: S1692649725.890159,VS0,VE2
etag: "da6d669d0747659a1719a0a5f5de62ea"
x-file-name: employee.png
access-control-max-age: 21600
access-control-allow-methods: DELETE, GET, HEAD, POST, PUT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
cache-control: public, max-age=2678400
filestack-trace-id: 1691141519-dkMGobYoRR
accept-ranges: bytes
cf-ray: 7fae5fc03f923668-FRA
access-control-allow-headers: Content-Type, X-No-Stream
x-amz-cf-id: GfGgQ5ZvZTgfBRi4hnPUsHIDGnQ-3KNkvcmFPoaVbjfnl2ipkGN0uQ==
x-cache-hits: 1, 1

GET
H2 200 ZfSQZJK9RTKcbcbJWQrh
file.virginpulse.com/api/file/ 7 KB
8 KB 224ms
163ms Image
image/png 2606:4700::6810:d515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.virginpulse.com/api/file/ZfSQZJK9RTKcbcbJWQrh
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/MyWellnessLandingPageTest.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:d515 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5eef61b3175527429f2421b3e782f3794507ffa5c54ad2ee0cce3054b3cec2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://landingst.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:57:53 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: MXP64-C1
age: 621153
x-cache: Hit from cloudfront
content-disposition: inline; filename="spouse.png"
content-length: 7651
x-served-by: cache-iad-kcgs7200023-IAD, cache-fra-etou8220039-FRA
last-modified: Fri, 04 Aug 2023 09:34:55 GMT
server: cloudflare
x-timer: S1692624266.553910,VS0,VE1
etag: "dfa109aa0ba06b87134246f396812eb8"
x-file-name: spouse.png
access-control-max-age: 21600
access-control-allow-methods: DELETE, GET, HEAD, POST, PUT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
cache-control: public, max-age=2678400
filestack-trace-id: 1692120320-zfW5JMe7QV
accept-ranges: bytes
cf-ray: 7fae5fc03f913668-FRA
access-control-allow-headers: Content-Type, X-No-Stream
x-amz-cf-id: OWp35kZ_XhLhplR_rjJ2LWF2ZeLKFPefYDhRbZ7rliwAUa9wBIGtHA==
x-cache-hits: 1, 1

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/fonts/ 14 KB
14 KB 122ms
121ms Font
font/woff2 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/fonts/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/MyWellnessLandingPageTest.css
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Request headers

Referer: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/MyWellnessLandingPageTest.css
Origin: http://landingst.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Last-Modified: Fri, 04 Aug 2023 09:53:23 GMT
Server: nginx
ETag: "64ccca93-36e0"
Vary: Accept-Encoding
Content-Type: font/woff2
X-WPE-Request-ID: 30477c55fe27e1efc4deb65c04ecf359
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 14048

GET
H/1.1 200
OK fa-solid-900.woff2
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/webfonts/ 61 KB
61 KB 121ms
121ms Font
font/woff2 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/webfonts/fa-solid-900.woff2
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/fonts/font_awesome.css
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Referer: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/fonts/font_awesome.css
Origin: http://landingst.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Last-Modified: Fri, 04 Aug 2023 09:53:24 GMT
Server: nginx
ETag: "64ccca94-f408"
Vary: Accept-Encoding
Content-Type: font/woff2
X-WPE-Request-ID: 49810de79c27e902565e9857fba23d40
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 62472

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/fonts/ 14 KB
15 KB 121ms
120ms Font
font/woff2 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/fonts/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/MyWellnessLandingPageTest.css
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc

Request headers

Referer: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/MyWellnessLandingPageTest.css
Origin: http://landingst.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Last-Modified: Fri, 04 Aug 2023 09:53:23 GMT
Server: nginx
ETag: "64ccca93-3980"
Vary: Accept-Encoding
Content-Type: font/woff2
X-WPE-Request-ID: 2f4e91007634300e6bcb0bfb83827bc2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 14720

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UNirkOUuhp.woff2
landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/fonts/ 14 KB
15 KB 213ms
122ms Font
font/woff2 35.196.26.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/fonts/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by: Host: landingst.wpengine.com
URL: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/MyWellnessLandingPageTest.css
Protocol: HTTP/1.1
Server: 35.196.26.136 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.26.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2

Request headers

Referer: http://landingst.wpengine.com/wp-content/themes/landing/MyWellnessLandingPageTest/css/MyWellnessLandingPageTest.css
Origin: http://landingst.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 21:57:53 GMT
Last-Modified: Fri, 04 Aug 2023 09:53:23 GMT
Server: nginx
ETag: "64ccca93-38d0"
Vary: Accept-Encoding
Content-Type: font/woff2
X-WPE-Request-ID: 06ac23a9676b73e53c9ad31f00cbcaa2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 14544

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.virginpulse.com/	1970-01-20 14:12:23	Name: __cf_bm Value: uKguEfYu51OZQ7EZ9Y1haOF5k5T0PRXiQ17rNpXxJWI-1692741473-0-AQ9k0wIJdd7PNg3K0B5SO8tXbf4n+8B7TxaPCgAZA6ixITWOnTGzL3182QKkwrRtUT47qMYQpZKToxDz8AcNS3OHPQIJ4/Wsi+Zpb4PX3LRO

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';script-src 'self' https://js-agent.newrelic.com/ https://code.jquery.com/ https://cdnjs.cloudflare.com/ https://stackpath.bootstrapcdn.com/ https://ajax.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://landing.virginpulse.com/ https://www.googletagmanager.com/ 'unsafe-inline';script-src-elem 'self' https://js-agent.newrelic.com/ https://code.jquery.com/ https://cdnjs.cloudflare.com/ https://stackpath.bootstrapcdn.com/ https://ajax.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://landing.virginpulse.com/ https://www.googletagmanager.com/ 'unsafe-inline';style-src 'self' https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://landing.virginpulse.com/ https://stackpath.bootstrapcdn.com/ 'unsafe-inline';style-src-elem 'self' https://maxcdn.bootstrapcdn.com/ https://fonts.googleapis.com/ https://landing.virginpulse.com/ https://stackpath.bootstrapcdn.com/ 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://maxcdn.bootstrapcdn.com/ data:;img-src * 'self' data: https:;
Strict-Transport-Security	includeSubdomains; preload; max-age=63072000;

Header

Value

Content-Security-Policy

Strict-Transport-Security

includeSubdomains; preload; max-age=63072000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

file.virginpulse.com
landingst.wpengine.com
2606:4700::6810:d515
35.196.26.136
01af9483640011690a6765137ab76b11e13f10fb09c397decb3f5fc566598cd4
29bfb6629dc9eb56bcb6c99c09f9544c95cf98ed0ceacc80d119fad11b8f2199
2fbd21036cac49160f608b63831bb0e1cec9b75dfaab1243daab5b7894543421
30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
89bd383b8a393e6bf45d5e65d1db9b956a96af1c81a6d47de78c636fc4b93195
a80fb032e98ea1dc965aef77ae04d37d5119fbbcc2c2b676af36736c1d8defc2
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c79bca43366afd3cd4a2d29b9c60f24296b21dd03a3e60ec82510a31376ae4ca
d5eef61b3175527429f2421b3e782f3794507ffa5c54ad2ee0cce3054b3cec2a
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
f3e8833b989e30d3b091afec83d2e6b7f72635c63936e17d327435ee7c4e061a
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f9515879203b02be14bfe0489659aa94689be2d1afe845edd72e478fcfd02e4d

landingst.wpengine.com Open in urlscan Pro 35.196.26.136 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

26 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

902 kBTransfer

1212 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

landingst.wpengine.com Open in urlscan Pro
35.196.26.136 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

26 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

902 kB
Transfer

1212 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!