areaspla.com Open in urlscan Pro
217.76.132.218 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://areaspla.com/wp-includes/js/login/question3.php
Submission: On June 09 via automatic, source openphish (June 9th 2022, 1:31:51 am UTC) — Scanned from ES

Summary HTTP 45 Redirects Links 185 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 45 HTTP transactions. The main IP is 217.76.132.218, located in Spain and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is areaspla.com.

This is the only time areaspla.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USAA (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	217.76.132.218 217.76.132.218	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
18	104.111.229.42 104.111.229.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2 11	104.89.39.85 104.89.39.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	52.59.84.128 52.59.84.128	16509 (AMAZON-02) (AMAZON-02)
3	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:214... 2600:9000:214f:ea00:16:4ed5:12c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:2400:7:f1a3:af00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
45	14

1 217.76.132.218 (Spain)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: llgi819.servidoresdns.net

areaspla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.111.229.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-42.deploy.static.akamaitechnologies.com

s.usaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.usaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.89.39.85 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-39-85.deploy.static.akamaitechnologies.com

tms.usaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
da.usaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.84.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-84-128.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:ea00:16:4ed5:12c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.mczbf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:2400:7:f1a3:af00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.sjwoe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	usaa.com 2 redirects s.usaa.com — Cisco Umbrella Rank: 54936 content.usaa.com — Cisco Umbrella Rank: 39021 tms.usaa.com — Cisco Umbrella Rank: 29938 da.usaa.com — Cisco Umbrella Rank: 29912 Failed	651 KB
3	qualtrics.com znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com — Cisco Umbrella Rank: 38076 siteintercept.qualtrics.com — Cisco Umbrella Rank: 860	23 KB
2	mczbf.com www.mczbf.com — Cisco Umbrella Rank: 7739	15 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	83 KB
1	google.es www.google.es — Cisco Umbrella Rank: 16990	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 4	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 122	15 KB
1	sjwoe.com www.sjwoe.com — Cisco Umbrella Rank: 10142	422 B
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 531	778 B
1	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 853	694 B
1	areaspla.com areaspla.com	66 KB
0	tealiumiq.com Failed datacloud.tealiumiq.com Failed
0	usaa360.com Failed gb.usaa360.com Failed
45	14

	Domain	Requested by
11	content.usaa.com	areaspla.com s.usaa.com
9	tms.usaa.com	1 redirects areaspla.com
7	s.usaa.com	areaspla.com s.usaa.com
2	siteintercept.qualtrics.com	znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com siteintercept.qualtrics.com
2	www.mczbf.com	tms.usaa.com www.mczbf.com
2	www.googletagmanager.com	tms.usaa.com www.googletagmanager.com
2	da.usaa.com	tms.usaa.com
1	www.google.es
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.sjwoe.com	www.mczbf.com
1	znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com
1	d.agkn.com	tms.usaa.com
1	tags.tiqcdn.com	tms.usaa.com
1	areaspla.com
0	datacloud.tealiumiq.com Failed	tms.usaa.com
0	gb.usaa360.com Failed	tms.usaa.com
45	18

This site contains links to these domains. Also see Links.

Domain
www.usaa.com
trustsealinfo.websecurity.norton.com

Subject Issuer	Validity	Valid
www.usaa.com DigiCert SHA2 Extended Validation Server CA	`2022-04-05` - `2023-05-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
www.mczbf.com Amazon	`2021-07-20` - `2022-08-18`	a year	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-04` - `2023-05-04`	a year	crt.sh
www.sjwoe.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.es GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://areaspla.com/wp-includes/js/login/question3.php
Frame ID: E7FD59F6CF1EA6D15A6513BAC0151549
Requests: 47 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/9297/?type=1000&che=0.7700165869545972
Frame ID: 44B6139543E593B105922EC2D8A7D477
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Security Question | USAA

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/yui/|yui\.yahooapis\.com)

Page Statistics

45
Requests

67 %
HTTPS

46 %
IPv6

14
Domains

18
Subdomains

14
IPs

4
Countries

928 kB
Transfer

2114 kB
Size

12
Cookies

185 Outgoing links

These are links going to different origins than the main page.

URL: https://www.usaa.com/inet/ent_home/CpHome?action=USAAHome&wa_ref=pri_auth_nav_home

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_home/CpHome?action=INIT&action=INIT&wa_ref=pri_auth_nav_home
Title: My USAA

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/money_movement_payments?wa_ref=pri_global_tools_pmts
Title: Payments

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_multipay/CpBillPay?action=INIT&wa_ref=pri_global_tools_pmts_paybills
Title: Pay Bills

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/bank_lmt/BkCheckRequest?action=INIT&wa_ref=pri_global_tools_pmts_offcheck
Title: Get an Official Check

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/gas_bank/BkAccountsWSession?action=AccountCheckReorder&wa_ref=pri_global_tools_pmts_reorder_check
Title: Reorder Checks

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_multipay/CpBillPay?action=ReviewHistoryTask&wa_ref=pri_global_tools_pmts_view_activity
Title: View Payment Activity

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/gas_pc_pas/GyMemberAutoHistoryServlet?action=INIT&alias=servlet&wa_ref=pri_global_tools_ins_chgautocoverage
Title: Change Auto Coverage

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/gas_pc_pas/GyMemberAutoIdServlet?action=INIT&wa_ref=pri_global_tools_ins_proofofins
Title: Request Proof-of-Insurance Card

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/home_value_monitoring_main?wa_ref=pri_global_tools_real_estate_home_value_monitoring
Title: Home Value Monitoring

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/locationassessment/location?wa_ref=pri_global_products_realestate_pra
Title: Property Risk Assessment

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/gas_bank/BkEnvs?action=INIT&referralID=ZUSA000881&product_type=MyCar&wa_ref=pri_global_tools_vehicle_mycar
Title: My Car

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/money_movement_deposits_landing?wa_ref=pri_global_tools_deposits
Title: Deposits

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/bank_deposit/BkHomeDeposit?action=INIT&wa_ref=pri_global_tools_deposits_athome
Title: Deposit@Home

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/deposit_at_mobile_main?wa_ref=pri_global_tools_deposits_atmobile
Title: Deposit@Mobile

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/usaa_easy_deposits_main?wa_ref=pri_global_tools_deposits_easydeposit
Title: Easy Deposit at The UPS Store

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/usaa_deposit_taking_atms?wa_ref=pri_global_tools_deposits_atm
Title: Deposit at ATM

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/gas_bank/BkAccountsWSession?action=AccountDepositEnvelopeOrder&wa_ref=pri_global_tools_deposits_env_slips
Title: Reorder Deposit Envelopes & Slips

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_accountmaint/ImNewsAndResearch?name=NewsAndResearch&wa_ref=pri_global_tools_investments_getstockquote
Title: Get a Stock Quote

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_accountmaint/ImNewsAndResearch?name=NewsAndResearch&wa_ref=pri_global_tools_investments_marketnews
Title: Market News & Research

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/transfer_nonusaa_investment_account_main?wa_ref=pri_subglobalnav_transfer_non_USAA_accounts
Title: Transfer a Non-USAA Investment

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/bk_ira/entIraAccounts?wa_ref=pri_global_tools_ira_withdraw
Title: Withdraw from Your IRA

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/money_movement_transfers?wa_ref=pri_global_tools_transfers
Title: Transfers

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_xfer/CpFundsTransfer?action=INIT&wa_ref=pri_global_tools_transfers_betweenaccounts
Title: Transfer between Accounts

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_xfer/CpFundsTransfer?action=ReviewRecurringHistoryTask&wa_ref=pri_global_tools_transfers_auto_transfer
Title: View Automatic Transfers

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_xfer/CpFundsTransfer?action=ReviewHistoryTask&wa_ref=pri_global_tools_transfers_view_activity
Title: View Transfer Activity

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_acctmaint/CpAcctMaint?action=INIT&wa_ref=pri_global_tools_transfers_add_an_account
Title: Add an Account

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_acctmaint/CpAcctMaint?action=ManageAcctsTask&wa_ref=pri_global_tools_transfers_manage_accounts
Title: Manage Accounts

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/enc/ent_wires/EntWireTransfer?flowState=reset&flowState=reset&wa_ref=pri_global_tools_transfers_wire
Title: Wire Transfer

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_edd/CpEdd?action=INIT&wa_ref=pri_global_tools_addlservices_viewdocs
Title: View Documents

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/usaa_forms_main?wa_ref=pri_global_tools_addlservices_getforms
Title: Get Forms

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_upload_documents/uploadDocs/?action=init&wa_ref=pri_global_tools_addlservices_scanupload
Title: Send Documents to USAA

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_pfm_moneymanager/EntMoneyManager/TrackYourMoney?flowState=reset&wa_ref=pri_global_budgetinggoals_trackyourmoney
Title: Track Money

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_pfm_moneymanager/EntMoneyManager/Budget?flowState=reset&wa_ref=pri_global_budgetinggoals_mybudget
Title: Budget

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_pfm_moneymanager/EntMoneyManager/InvestmentView?flowState=reset&wa_ref=pri_global_budgetinggoals_investmentview
Title: Investment View

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_accumulation_goal/GoalSummary/?wa_ref=pri_global_budgetinggoals_goals
Title: Goals

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_savings_advisor/EntSavingsAdvisorWeb/LandingPage?flowState=reset&wa_ref=pri_global_budgetinggoals_savingsbooster
Title: Savings Booster

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/bank_lmt/BkCreditCardCashAdv?action=INIT&wa_ref=pri_global_creditcards_creditcardcashadvance
Title: Credit Card Cash Advance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/enc/bank_mm/BkBalanceTransfer?action=INIT&wa_ref=pri_global_creditcards_creditcardbalancetransfers
Title: Credit Card Balance Transfers

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_home/CpHome?action=INIT&action=INIT&wa_ref=pri_global_creditcards_manageprepaidspendingcard
Title: Manage Pre-Paid Spending Card

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_securityadvisor/page/SecurityAdvisorHomePage?wa_ref=pri_global_securityprivacy_securityadvisor
Title: My Security Advisor

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/our-products-main?wa_ref=pri_global_products_viewall
Title: View All Products

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/in_insurance/InMainMenu?action=INIT&wa_ref=pri_global_products_ins
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/auto_insurance_main?wa_ref=pri_global_products_ins_auto
Title: Auto Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_home_renters?wa_ref=pri_global_products_ins_renters
Title: Renters Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_home_condo?wa_ref=pri_global_products_ins_homeowner
Title: Homeowner Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_home_rental_home?wa_ref=pri_global_products_ins_rental_prop
Title: Rental Property Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_home_value_items?wa_ref=pri_global_products_ins_vpp
Title: Valuable Personal Property Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_home_main?wa_ref=pri_global_products_ins_home_property
Title: Home & Property Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_home_flood?wa_ref=pri_global_products_ins_flood
Title: Flood Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/gas_life/LhProfiledPages?PageId=lh_life_mainmenu&wa_ref=pri_global_products_ins_life
Title: Life Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/gas_life/LhProfiledAnnuity?action=init&wa_ref=pri_global_products_ins_annuities
Title: Annuities

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_home_umbrella?wa_ref=pri_global_products_ins_umbrella
Title: Umbrella Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/recreational_vehicle_insurance_main?wa_ref=pri_global_products_ins_recreationvehicle
Title: Motorcycle, RV & Boat Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_business?wa_ref=pri_global_products_ins_business
Title: Small Business Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/other_insurance_main?wa_ref=pri_global_products_ins_addlinssolutions
Title: Additional Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_edp/edp/PackageSelection?action=INIT&wa_ref=pri_global_products_package_view_all
Title: View All Product Packages

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/gas_bank/BkMainMenu?action=INIT&wa_ref=pri_global_products_bank
Title: Banking

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_checking_main?wa_ref=pri_global_products_bank_checking
Title: Checking Accounts

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_savings?wa_ref=pri_global_products_bank_savings
Title: Savings Account

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/banking_credit_cards_main?wa_ref=pri_global_products_bank_cc
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_loan_auto_main?wa_ref=pri_global_products_bank_auto
Title: Auto Loans

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/extended_vehicle_protection_program_main_page?wa_ref=pri_global_products_bank_extvehprot
Title: Extended Vehicle Protection

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_cds?wa_ref=pri_global_products_bank_cd
Title: Certificates of Deposit

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_loan_mortgages_product?wa_ref=pri_global_products_bank_mortgages
Title: Home Mortgages

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_real_estate_rewards_network_main?wa_ref=pri_global_products_movers_adv
Title: USAA Real Estate Rewards Network

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_loan_personal?wa_ref=pri_global_products_bank_personal
Title: Personal Loans

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_loan_recreational_vehicle?wa_ref=pri_global_products_bank_recreationvehicle
Title: Motorcycle, RV & Boat Loans

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/creditcheck_monitoring_main?wa_ref=pri_global_products_bank_creditmonitor
Title: Credit Monitoring & ID Protection

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_youth?wa_ref=pri_global_products_bank_youthbanking
Title: Youth Banking

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/college_savings_and_money?wa_ref=pri_global_products_bank_collegebanking
Title: College Products

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_storefront/ImcoStorefront/?wa_ref=pri_global_products_invest
Title: Investing

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_storefront/ImcoStorefront/DIYInvesting?wa_ref=pri_global_products_invest_get_started
Title: Help Me Get Started

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_storefront/ImcoStorefront/MutualFunds?wa_ref=pri_global_products_invest_mutualfunds
Title: USAA Mutual Funds

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_storefront/ImcoStorefront/StockBond?wa_ref=pri_global_products_invest_stockbond
Title: Stocks, Bonds, Funds & ETFs

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_storefront/ImcoStorefront/RetirementAccounts?wa_ref=pri_global_products_invest_retire
Title: IRAs

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_storefront/ImcoStorefront/ManagedMoney?wa_ref=pri_global_products_invest_personalassetmgmt
Title: USAA Managed Money

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_storefront/ImcoStorefront/CollegeSavings?wa_ref=pri_global_products_invest_collegesavings
Title: 529 College Savings

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_annuities_main?wa_ref=pri_global_products_invest_annuities
Title: Annuities

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_storefront/ImcoStorefront/EducationMain?wa_ref=pri_global_products_invest_inv_ed
Title: Investor Education

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_storefront/ImcoStorefront/MarketInsight?wa_ref=pri_global_products_invest_marketinsight
Title: Market Insight

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/real-estate-main?wa_ref=pri_global_products_realestate
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_loan_mortgages_product?wa_ref=pri_global_products_realestate_mortgage
Title: Mortgages

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_loan_refinance_my_home?wa_ref=pri_global_products_realestate_refinance
Title: Refinance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/mortgage_VA_loan_landing?wa_ref=pub_global_products_realestate_valoans
Title: VA Loans

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/Moversadvantage_Main?wa_ref=pri_global_products_realestate_agentfinder
Title: Real Estate Agent Finder

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/bank_loan_mortgages_home_solutions?wa_ref=pri_global_products_realestate_homerentalsearch
Title: Home & Rental Search

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_retirement_planning_main?wa_ref=pri_global_products_retire
Title: Retirement Planning

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_storefront/ImcoStorefront/Rollover?wa_ref=pri_global_products_retire_rollover
Title: Rollovers & Transfers

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/financial_planning_personal_plan?wa_ref=pri_global_products_retire_financialplanning
Title: Financial Planning

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/financial_planning_select_program?wa_ref=pri_global_products_retire_wealthmgmt
Title: USAA Wealth Management

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/financial_planning_trust_services?wa_ref=pri_global_products_retire_trustservices
Title: Trust Services

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_health_insurance_main?wa_ref=pri_global_products_health
Title: Health Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_dental_solutions_main?wa_ref=pri_global_products_health_dental
Title: Dental

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_vision_solutions_main?wa_ref=pri_global_products_health_vision
Title: Vision

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_medicare_solutions_main?wa_ref=pri_global_products_health_medicare
Title: Medicare

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_major_medical_solutions_main?wa_ref=pri_global_products_health_majormed
Title: Major Medical

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/long_term_care_insurance_main?wa_ref=pri_global_products_health_ltc
Title: Long-Term Care

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/shopping_and_discounts_main?wa_ref=pri_global_products_discounts
Title: Shopping & Discounts

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/home_online_security_main?wa_ref=pri_global_products_shopping_home
Title: Home Solutions

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/travel_main?wa_ref=pri_global_products_shopping_travel
Title: Travel Deals

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/retail_and_discounts_main?wa_ref=pri_global_products_shopping_retail
Title: Online Shopping

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/car_buying_services_products?wa_ref=pri_global_products_discounts_carbuying
Title: Car Buying Service

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/your-life-events-main_redirect?wa_ref=pri_global_lifeevents_viewall
Title: View All Advice Center

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_retirement_planning_main?wa_ref=pri_global_lifeevents_retire
Title: Your Retirement

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_ret_accumulation/EntRetirementAccumulation/?wa_ref=pri_global_lifeevents_retire_ontrack
Title: Am I on Track?

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_retirement_getting_started_menu?wa_ref=pri_global_lifeevents_start_retirement
Title: Getting Started

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_retirement_growing_menu?wa_ref=pri_global_lifeevents_grow_retirement
Title: Growing Your Retirement

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_retirement_living_in_menu?wa_ref=pri_global_lifeevents_live_retirement
Title: Living in Retirement

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_retirement_estate_planning_menu?wa_ref=pri_global_lifeevents_estate
Title: Estate Planning

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_tax_center_main?wa_ref=pri_global_lifeevents_finances_taxes
Title: Tax Center

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/imco_storefront/ImcoStorefront/MarketInsight?wa_ref=pri_global_lifeevents_finances_marketinsight
Title: Market Insight

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_finances_understanding_investments_menu?wa_ref=pri_global_lifeevents_understand_investments
Title: Understanding Investments

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_finances_saving_and_budgeting_menu?wa_ref=pri_global_lifeevents_finances_savingbudgeting
Title: Saving & Budgeting

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_finances_debt_credit_menu?wa_ref=pri_global_lifeevents_debtcredit
Title: Managing Debt & Credit

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_finances_financial_setbacks_menu?wa_ref=pri_global_lifeevents_financial_setbacks
Title: Financial Setbacks

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/financial_advice_community_main?wa_ref=pri_global_lifeevents_finances_asksusaa
Title: Ask USAA a Financial Question

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_family_getting_married_menu?wa_ref=pri_global_lifeevents_get_married
Title: Getting Married

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_family_becoming_a_parent_menu?wa_ref=pri_global_lifeevents_become_parent
Title: Becoming a Parent

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_family_parenting_menu?wa_ref=pri_global_lifeevents_parenting
Title: Parenting

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_family_young_adult_menu?wa_ref=pri_global_lifeevents_young_adults
Title: Young Adults

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_family_getting_divorced_menu?wa_ref=pri_global_lifeevents_get_divorced
Title: Getting Divorced

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_family_loss_of_a_loved_one_menu?wa_ref=pri_global_lifeevents_loss_loved_one
Title: Loss of a Loved One

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_family_life_insurance_menu?wa_ref=pri_global_lifeevents_life_ins
Title: Life Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_family_health_insurance_menu?wa_ref=pri_global_lifeevents_health_ins
Title: Health Insurance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_about_protection?wa_ref=pri_global_lifeevents_disasterrecovery
Title: Disaster & Recovery

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_about_protection?wa_ref=pri_global_lifeevents_disasterrecovery_earthquakes
Title: Earthquakes

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_about_protection?wa_ref=pri_global_lifeevents_disasterrecovery_floodsstorms
Title: Floods & Storms

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_about_protection?wa_ref=pri_global_lifeevents_disasterrecovery_hurricanes
Title: Hurricanes

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_about_protection?wa_ref=pri_global_lifeevents_disasterrecovery_tornadoes
Title: Tornadoes

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_about_protection?wa_ref=pri_global_lifeevents_disasterrecovery_wildfires
Title: Wildfires

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_about_protection?wa_ref=pri_global_lifeevents_disasterrecovery_winterstorms
Title: Winter Storms

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_joining_the_military_menu?wa_ref=pri_global_lifeevents_join_military
Title: Joining the Military

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_deployment_menu?wa_ref=pri_global_lifeevents_deploy
Title: Deployment

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_permanent_change_station_menu?wa_ref=pri_global_lifeevents_pcs
Title: PCS

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_leaving_the_military_menu?wa_ref=pri_global_lifeevents_leave_military
Title: Leaving the Military

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_auto_buying_selling_menu?wa_ref=pri_global_lifeevents_buysell_auto
Title: Buying & Selling

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_auto_maintaining_protecting_menu?wa_ref=pri_global_lifeevents_maintain_auto
Title: Maintaining & Protecting

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_home_buying_selling_menu?wa_ref=pri_global_lifeevents_home_buy
Title: Buying & Selling

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_home_renting_menu?wa_ref=pri_global_lifeevents_home_rent
Title: Renting

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_home_maintaining_menu?wa_ref=pri_global_lifeevents_home_maintain
Title: Maintaining & Protecting

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_home_refinancing_menu?wa_ref=pri_global_lifeevents_refinance
Title: Refinance

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_home_rental_properties_menu?wa_ref_pri_global_lifeevents_manage_rental
Title: Managing a Rental

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_changing_jobs_menu?wa_ref=pri_global_lifeevents_change_jobs
Title: Changing Jobs

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_education_training_menu?wa_ref=pri_global_lifeevents_education
Title: Education & Training

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/planners_and_calculators_main?wa_ref=pri_global_lifeevents_calculators
Title: Planners & Calculators

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/financial_readiness_score_landing?wa_ref=pri_global_life_events_frs
Title: Financial Readiness Score

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/money_manager_informational_landing?wa_ref=pri_global_life_events_money_manager
Title: Money Manager

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/life_insurance_advice/LifeInsuranceAdvice/?action=INIT&wa_ref=pri_global_life_events_life_needs
Title: Life Insurance Needs

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_mortgage_affordability_calculator_main?wa_ref=pri_global_life_events_mrtg_afford_calc
Title: Mortgage Affordability

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pc_claims_ext/PcClaimsHome?action=INIT&wa_ref=pri_global_tools_claims_viewall
Title: View All Claims

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pc_claims_ext/PcClaimsHome?action=INIT&wa_ref=pri_global_tools_claims_reportclaim
Title: Report a Claim

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pc_claims_ext/PcClaimsHome?action=INIT&wa_ref=pri_global_tools_claims_status
Title: Claims Status

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/insurance_claims_fraud_main?wa_ref=pri_global_tools_claims_claimsfraud
Title: Insurance Claims Fraud

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/advice_about_protection?wa_ref=pri_global_tools_claims_disasterrecov
Title: Disaster & Recovery Center

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/ContactUsInternational?wa_ref=pri_globalnav_contactusinternational
Title: Calling from International

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/ContactUsMain?wa_ref=pri_auth_nav_other_contact
Title: Contact & Support Center

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/security_center?wa_ref=pri_auth_nav_security
Title: Security Center

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_locationServices/UsaaLocator/?wa_ref=pri_globalnav_help_atm_usaalocations
Title: ATMs & Locations

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/usaa_financial_center?wa_ref=pri_globalnav_contactus_financialctrhub_loc
Title: Financial Center

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_messagehub/MessageCenterMainPage/MessageCenterMainPage?action=INIT&wa_ref=pri_auth_nav_alertsandactions
Title: Alerts & Actions

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_membervalue/MemberValue?wa_ref=pri_global_memberAdvantages
Title: Points & Rewards

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_offers_app/EntMyOffersServlet?action=INIT&mainPage=true&wa_ref=pri_global_myoffers
Title: Offers

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_personalinfo/CustProfSummary?action=INIT&wa_ref=pri_auth_persinfo
Title: Profile & Preferences 1

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_logoff/Logoff?action=INIT&wa_ref=pri_auth_nav_logoffs
Title: Log Off

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_community_profile/sso?referer=https://communities.usaa.com/&wa_ref=pri_global_social_bar_footer_member_community&flowState=reset
Title: Share. Connect. Explore. Visit the Member Community.

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_community_profile/sso?referer=https://communities.usaa.com/t5/Ask-USAA/ct-p/ask-usaa&wa_ref=pri_global_socialbar_footer_community_finadvice&flowState=reset
Title: Financial Questions & Answers

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/usaa_mobile_main?wa_ref=global_socialbar_footer_mobile
Title: GO MOBILEapps & more

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/global-community-bar-fb-redirect?wa_ref=global_socialbar_footer_facebook

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/global-community-bar-tw-redirect?wa_ref=global_socialbar_footer_twitter

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/global-community-bar-yt-redirect?wa_ref=global_socialbar_footer_youtube

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/usaa_social_main?wa_ref=global_socialbar_footer_more

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/about_usaa_main?wa_ref=private_subglobal_footer_about_usaa_page
Title: Corporate Info & Media

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_community_profile/sso?flowState=reset&referer=https://communities.usaa.com/t5/News-Center/ct-p/news-center&wa_ref=pri_subglobal_footer_newscenter
Title: News Center

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/security_protect_your_personal_information?wa_ref=pri_subglobal_footer_privacy_promise
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.usaa.com/careers?wa_ref=pub_subglobal_footer_career_center_page
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/accessibility_at_usaa_main?wa_ref=pri_subglobal_footer_accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/ContactUsOtherServices?wa_ref=private_subglobal_footerUtility_utilityLevelZeroPriReg_CONTACTUS
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/site_map?wa_ref=private_subglobal_footerUtility_utilityLevelZeroPriReg_SITEMAP
Title: Site Map

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/mc_faq/McFAQ?app=CpFaq&FAQPageID=CorpRegistrationFaq&wa_ref=private_subglobal_footerUtility_utilityLevelZeroPriReg_FAQS
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/site_terms_and_conditions?wa_ref=private_subglobal_footerUtility_utilityLevelZeroPriReg_TERMCONDITIONS
Title: Site Terms

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_home/CpHome?action=INIT&initCobrowse=https://www.usaa.com/inet/ent_memberassistance/Cobrowse?action=COBROWSE&isWicket=true&AppId=SecurityQuestionsApplication&PageId=SecurityQuestionsPage&SubPageId=null
Title: Need help? (Opens pop-up layer)

Search URL Search Domain Scan URL

URL: https://trustsealinfo.websecurity.norton.com/splash?form_file=fdf/splash.fdf&dn=www.usaa.com&lang=en
Title: USAA.com is Norton Secured. View Norton VeriSign Certificate

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_utils/CrossChannelAuthRedirect?currentAppId=SecurityQuestionsApplication&targetChannel=mobileMember&targetLookAndFeel=default
Title: Switch to mobile site

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/pages/security_online_information_gathering
Title: About Our Ads

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

http://tms.usaa.com/main/prod/utag.js HTTP 301
https://tms.usaa.com/main/prod/utag.js

Request Chain 23

http://tms.usaa.com/main/prod/utag.481.js?utv=ut4.46.202206061809 HTTP 307
https://tms.usaa.com/main/prod/utag.481.js?utv=ut4.46.202206061809

Request Chain 24

http://tms.usaa.com/main/prod/utag.425.js?utv=ut4.46.202206061809 HTTP 307
https://tms.usaa.com/main/prod/utag.425.js?utv=ut4.46.202206061809

Request Chain 25

http://tms.usaa.com/main/prod/utag.645.js?utv=ut4.46.202206061809 HTTP 307
https://tms.usaa.com/main/prod/utag.645.js?utv=ut4.46.202206061809

Request Chain 26

http://tms.usaa.com/main/prod/utag.277.js?utv=ut4.46.202206061809 HTTP 307
https://tms.usaa.com/main/prod/utag.277.js?utv=ut4.46.202206061809

Request Chain 27

http://tms.usaa.com/main/prod/utag.495.js?utv=ut4.46.202206061809 HTTP 307
https://tms.usaa.com/main/prod/utag.495.js?utv=ut4.46.202206061809

Request Chain 28

http://tms.usaa.com/main/prod/utag.437.js?utv=ut4.46.202206061809 HTTP 307
https://tms.usaa.com/main/prod/utag.437.js?utv=ut4.46.202206061809

Request Chain 29

http://tms.usaa.com/main/prod/utag.649.js?utv=ut4.46.202206061809 HTTP 307
https://tms.usaa.com/main/prod/utag.649.js?utv=ut4.46.202206061809

Request Chain 35

http://znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_b1Hw37QC9IVyLn7&Q_LOC=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php HTTP 307
https://znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_b1Hw37QC9IVyLn7&Q_LOC=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php

Request Chain 37

http://da.usaa.com/b/ss/usaadev3/1/JS-2.19.0/s66176024444016?AQB=1&ndh=1&pf=1&t=9%2F5%2F2022%201%3A31%3A49%204%200&sdid=714A1BEDAE16338F-3B18E2D17FE4D374&mid=45974579914401200752058820834385865574&ce=UTF-8&ns=usaa&pageName=www%7Cent%7Cent%7Cent%7Cn_a%7Cn_a%7Csec%7Csec_security_question&g=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&c.&pageloadtime=2.7&defPageName=areaspla.com%7C%7Cent_auth_secques%2Fanswer%3Fsecurityquestionspage&getTimeParting=Wednesday%7C8%3A30%20PM&getDateParting=6%2F8%2F2022&newRepeat=New&linkType=pv&.c&cc=USD&ch=ent%7Cent%7Csec%7Csec_security_question&server=areaspla.com&events=event207%3D0%2Cevent208%3D0%2Cevent209%3D0.001%2Cevent210%3D0.038%2Cevent211%3D0.047%2Cevent212%3D0.083%2Cevent213%3D1.738%2Cevent214%3D0.018%2Cevent215%3D0.087%2Cevent216&v1=%7Bxor%7DMzM1NTAxNzg4&h1=areaspla.com%7C&l1=n_a&c2=view%3Amain%3Aut4.46.202206061809&l2=n_a%3An_a&v3=ALL%20BUT%20CASUALTY&v4=www&v5=ent&v6=ent&v7=ent&v8=sec_quest_app&v9=sec_security_question&v11=www%7Cent%7Cent%7Cent%7Cn_a%7Cn_a%7Csec%7Csec_security_question&c14=%22Logged%20In%22&c25=SecurityQuestionsApplication%3ASecurityQuestionsPage&c27=main%3A277%3A425%3A437%3A481-cm%3A495%3A645-dv-av%3A649%3A&v29=1951&v30=AZ&v31=false&v32=false&v33=false&v34=false&v35=false&v36=false&v37=false&v40=false&v41=false&v42=true&v43=false&v45=false&c75=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&v131=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&v181=Etc%2FUnknown&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=47977B2A53A852210A490D45%40AdobeOrg&AQE=1 HTTP 301
https://da.usaa.com/b/ss/usaadev3/1/JS-2.19.0/s66176024444016?AQB=1&ndh=1&pf=1&t=9%2F5%2F2022%201%3A31%3A49%204%200&sdid=714A1BEDAE16338F-3B18E2D17FE4D374&mid=45974579914401200752058820834385865574&ce=UTF-8&ns=usaa&pageName=www%7Cent%7Cent%7Cent%7Cn_a%7Cn_a%7Csec%7Csec_security_question&g=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&c.&pageloadtime=2.7&defPageName=areaspla.com%7C%7Cent_auth_secques%2Fanswer%3Fsecurityquestionspage&getTimeParting=Wednesday%7C8%3A30%20PM&getDateParting=6%2F8%2F2022&newRepeat=New&linkType=pv&.c&cc=USD&ch=ent%7Cent%7Csec%7Csec_security_question&server=areaspla.com&events=event207%3D0%2Cevent208%3D0%2Cevent209%3D0.001%2Cevent210%3D0.038%2Cevent211%3D0.047%2Cevent212%3D0.083%2Cevent213%3D1.738%2Cevent214%3D0.018%2Cevent215%3D0.087%2Cevent216&v1=%7Bxor%7DMzM1NTAxNzg4&h1=areaspla.com%7C&l1=n_a&c2=view%3Amain%3Aut4.46.202206061809&l2=n_a%3An_a&v3=ALL%20BUT%20CASUALTY&v4=www&v5=ent&v6=ent&v7=ent&v8=sec_quest_app&v9=sec_security_question&v11=www%7Cent%7Cent%7Cent%7Cn_a%7Cn_a%7Csec%7Csec_security_question&c14=%22Logged%20In%22&c25=SecurityQuestionsApplication%3ASecurityQuestionsPage&c27=main%3A277%3A425%3A437%3A481-cm%3A495%3A645-dv-av%3A649%3A&v29=1951&v30=AZ&v31=false&v32=false&v33=false&v34=false&v35=false&v36=false&v37=false&v40=false&v41=false&v42=true&v43=false&v45=false&c75=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&v131=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&v181=Etc%2FUnknown&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=47977B2A53A852210A490D45%40AdobeOrg&AQE=1

45 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request question3.php Show response
areaspla.com/wp-includes/js/login/ 66 KB
66 KB 86ms
46ms Document
text/html 217.76.132.218
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://areaspla.com/wp-includes/js/login/question3.php
Protocol: HTTP/1.1
Server: 217.76.132.218 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: llgi819.servidoresdns.net
Software: Apache /
Resource Hash: 4aec011702fc14d721f6fb962354d98ae57caa0f53798176fe27e779d1b27ba4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Jun 2022 01:31:46 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked
Upgrade: h2,h2c

GET
H2 200 aggregator
s.usaa.com/inet/resources/ 268 KB
157 KB 476ms
148ms Stylesheet
text/css 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&embed=true&k_3.9.0_reset_css:cacheid=3299152759_p&k_3.9.0_fonts_css:cacheid=3363860946_p&k_3.9.0_grids_css:cacheid=3577736449_p&k_2.0_UsaaHtmlBase_css_2:cacheid=3521151343_p&k_2.0_UsaaCommon_css_2:cacheid=2309985328_p&k_2.0_UsaaLabel_css:cacheid=4191120533_p&k_2.0_UsaaLink_css_2:cacheid=2335800588_p&k_2.0_UsaaButton_css:cacheid=1608907356_p&k_RebrandIaRestructure_css:cacheid=2166107632_p&k_RebrandFonts_css:cacheid=638946587_p&k_2.0_FootnotesContainer_css:cacheid=3317129168_p&k_2.0_UpperFootnotesContainer_css_1:cacheid=2160867919_p&k_2.0_LowerFootnotesContainer_css_1:cacheid=1384337747_p&k_2.0_CrossChannelPanel_css:cacheid=240016603_p&k_2.0_MemberFeedbackBasePanel_css:cacheid=793462235_p&k_2.0_FooterPanel_css_3:cacheid=1721575049_p&k_2.0_UsaaBase_css_2:cacheid=1673589775_p

Requested by

Host: areaspla.com
URL: http://areaspla.com/wp-includes/js/login/question3.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

25f318cc7cd980402ce18bd6ea3f78ac37830449bc4498ae01d2cd30e054433b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 22:06:42 GMT
server: USAA-Integrity
vary: Accept-Encoding
content-language: en-US
access-control-allow-origin: *
cache-control: max-age=587645
usaa_wts_jvm_agent_uuid: 00c29ef1-1efe-417a-a069-265af54e6e56
strict-transport-security: max-age=31536000
content-type: text/css; charset=UTF-8
content-length: 159199

GET
H2 200 aggregator
s.usaa.com/inet/resources/ 7 KB
3 KB 403ms
75ms Stylesheet
text/css 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&embed=true&k_2.0_HeadingLabel_css_2:cacheid=4266044238_p&k_3.9.0_overlay_css:cacheid=4602403_p&k_2.0_ModalPanel_css_2:cacheid=3434356096_p&k_2.0_UsaaFeedbackPanel_css_4:cacheid=3252368427_p&k_2.0_PairedInfoTableBorder_css_3:cacheid=3959059769_p&k_2.0_UsaaHidden_css:cacheid=2460684718_p&k_2.0_UsaaBasePageLayout_css_2:cacheid=800684293_p

Requested by

Host: areaspla.com
URL: http://areaspla.com/wp-includes/js/login/question3.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

afbd51cd31fe74081f434f2bdf9b74258190c7700667087588645a697bf14531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 22:06:50 GMT
server: USAA-Integrity
vary: Accept-Encoding
content-language: en-US
access-control-allow-origin: *
cache-control: max-age=495651
usaa_wts_jvm_agent_uuid: 9d9e7b5b-f1cb-478c-bec5-87e5c11cc2bf
strict-transport-security: max-age=31536000
content-type: text/css; charset=UTF-8
content-length: 2076

GET
H2 200 tlClose.png
content.usaa.com/mcontent/static_assets/Media/ 397 B
845 B 377ms
66ms Image
image/png 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/tlClose.png?cacheid=3841836057_p

Requested by

Host: areaspla.com
URL: http://areaspla.com/wp-includes/js/login/question3.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

b110bcd83560d6f9960baff7ddaa2a8c4529ac63867f54903211e380b3d835e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
last-modified: Thu, 05 Dec 2013 03:07:32 GMT
server: USAA-Integrity
etag: "18d-4ecc0d4a06500"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=574091
accept-ranges: bytes
content-length: 397

GET
H2 200 enterprise_nav_globalnav_usaalogo.svg
content.usaa.com/mcontent/static_assets/Media/ 11 KB
11 KB 385ms
75ms Image
image/svg+xml 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/enterprise_nav_globalnav_usaalogo.svg?cacheid=4189973775_p

Requested by

Host: areaspla.com
URL: http://areaspla.com/wp-includes/js/login/question3.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

d1886043ac668fcd2ccb7019ba9b35ef16f7d0c3db9d9dedf3862b036a4ae2d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
last-modified: Wed, 11 Nov 2015 13:57:39 GMT
server: USAA-Integrity
etag: "2a96-524443596bac0"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=499447
accept-ranges: bytes
content-length: 10902

GET
H2 200 SocMedIcon_facebook_v2.png
content.usaa.com/mcontent/static_assets/Media/ 1 KB
2 KB 325ms
74ms Image
image/png 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/SocMedIcon_facebook_v2.png?cacheid=2110766211_p

Requested by

Host: areaspla.com
URL: http://areaspla.com/wp-includes/js/login/question3.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

e9a681648676dcb7d958f77bed911c7a8a30dabe8ef0265b5ee894205c8aef60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
last-modified: Thu, 23 Jan 2014 15:26:32 GMT
server: USAA-Integrity
etag: "518-4f0a4ddb87a00"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=569780
accept-ranges: bytes
content-length: 1304

GET
H2 200 SocMedIcon_twitter_v2.png
content.usaa.com/mcontent/static_assets/Media/ 1 KB
2 KB 340ms
90ms Image
image/png 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/SocMedIcon_twitter_v2.png?cacheid=2393434372_p

Requested by

Host: areaspla.com
URL: http://areaspla.com/wp-includes/js/login/question3.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

ad5980cb9d5ad82571e49366d26c086e2c2bbe7efe6feb729c12f9594948ba21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
last-modified: Thu, 23 Jan 2014 15:26:38 GMT
server: USAA-Integrity
etag: "587-4f0a4de140780"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=502521
accept-ranges: bytes
content-length: 1415

GET
H2 200 SocMedIcon_youtube_v2.png
content.usaa.com/mcontent/static_assets/Media/ 1 KB
2 KB 340ms
90ms Image
image/png 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/SocMedIcon_youtube_v2.png?cacheid=2107969893_p

Requested by

Host: areaspla.com
URL: http://areaspla.com/wp-includes/js/login/question3.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

d317c2e6324cdd35249a3d5b6370b68d5b018fdddecc1dec0b9660f2affff0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
last-modified: Thu, 23 Jan 2014 15:26:26 GMT
server: USAA-Integrity
etag: "59a-4f0a4dd5cec80"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=581204
accept-ranges: bytes
content-length: 1434

GET
H2 200 SocMedIcon_more.png
content.usaa.com/mcontent/static_assets/Media/ 4 KB
4 KB 358ms
107ms Image
image/png 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/SocMedIcon_more.png?cacheid=1317144102_p

Requested by

Host: areaspla.com
URL: http://areaspla.com/wp-includes/js/login/question3.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

fda9dc9b1feb432da051add9ca8ccdcdedfe460e5e1be4df5f3d17e0bde69c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
last-modified: Thu, 23 Jan 2014 22:11:23 GMT
server: USAA-Integrity
etag: "eb5-4f0aa8593b8c0"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=503990
accept-ranges: bytes
content-length: 3765

GET
H2 200 usaa-sprite-globalNav_v2.png
content.usaa.com/mcontent/static_assets/Media/ 56 KB
57 KB 67ms
65ms Image
image/png 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/usaa-sprite-globalNav_v2.png?cacheid=2167270257_p

Requested by

Host: areaspla.com
URL: http://areaspla.com/wp-includes/js/login/question3.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

522a5fe0b1921acbaa0925b2a50fa141b0719797d5c552ffc150415c7c44d23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
last-modified: Fri, 13 Feb 2015 21:43:34 GMT
server: USAA-Integrity
etag: "e14a-50eff20d78d80"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=578898
accept-ranges: bytes
content-length: 57674

GET
H2 200 aggregator Show response
s.usaa.com/inet/resources/ 139 KB
48 KB 326ms
76ms Script
application/x-javascript 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&embed=true&k_3.9.0_yui:cacheid=503939227_p&k_3.9.0_loader:cacheid=2635896308_p

Requested by

Host: areaspla.com
URL: http://areaspla.com/wp-includes/js/login/question3.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

67dcb0f0af3149c12b34892e3b1ca471e3a87234625190772e037aaaa8a4a9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 06:59:28 GMT
server: USAA-Integrity
vary: Accept-Encoding
content-language: en-US
access-control-allow-origin: *
cache-control: max-age=196295
usaa_wts_jvm_agent_uuid: a78607c9-9771-4e2b-919d-3bb295b11570
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=UTF-8
content-length: 47885

GET
H2 200 background_general_fb.png
content.usaa.com/mcontent/static_assets/Media/ 3 KB
3 KB 61ms
60ms Image
image/png 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/background_general_fb.png?cacheid=2934981489_p

Requested by

Host: s.usaa.com
URL: https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&embed=true&k_3.9.0_reset_css:cacheid=3299152759_p&k_3.9.0_fonts_css:cacheid=3363860946_p&k_3.9.0_grids_css:cacheid=3577736449_p&k_2.0_UsaaHtmlBase_css_2:cacheid=3521151343_p&k_2.0_UsaaCommon_css_2:cacheid=2309985328_p&k_2.0_UsaaLabel_css:cacheid=4191120533_p&k_2.0_UsaaLink_css_2:cacheid=2335800588_p&k_2.0_UsaaButton_css:cacheid=1608907356_p&k_RebrandIaRestructure_css:cacheid=2166107632_p&k_RebrandFonts_css:cacheid=638946587_p&k_2.0_FootnotesContainer_css:cacheid=3317129168_p&k_2.0_UpperFootnotesContainer_css_1:cacheid=2160867919_p&k_2.0_LowerFootnotesContainer_css_1:cacheid=1384337747_p&k_2.0_CrossChannelPanel_css:cacheid=240016603_p&k_2.0_MemberFeedbackBasePanel_css:cacheid=793462235_p&k_2.0_FooterPanel_css_3:cacheid=1721575049_p&k_2.0_UsaaBase_css_2:cacheid=1673589775_p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

e2e04a8e937f5b74a4c50cb7592a8e0bba54b40818d44e43ffd5c40c6b4fe72a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://s.usaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
last-modified: Mon, 16 Sep 2013 11:24:14 GMT
server: USAA-Integrity
etag: "b13-4e67e71a8d380"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=583317
accept-ranges: bytes
content-length: 2835

GET
H2 200 enterprise_nav_globalnav_sprite.svg
content.usaa.com/mcontent/static_assets/Media/ 3 KB
3 KB 150ms
149ms Image
image/svg+xml 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/enterprise_nav_globalnav_sprite.svg?cacheid=3121332548_p

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

32a78d62b883ff9ad4da5253ea3390908f472a71835a46d387b88bcfda209ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://s.usaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
last-modified: Mon, 14 Dec 2015 20:44:26 GMT
server: USAA-Integrity
etag: "c2a-526e1bd1f5e80"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=582633
accept-ranges: bytes
content-length: 3114

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f53796ddf251b92b780fdff6b6cfbb1afcc8c43c085e4f8bfc8cf81fb2ceef99

Request headers

Referer
Origin: http://areaspla.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1e6fe52eb77428387c40bca6ac1dc5e04e32df118ee60b85ed60dd3c953c22a

Request headers

Referer
Origin: http://areaspla.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 28 KB
28 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a496651fb1b9fc3b0294fb776f0ee858a5439d6bc5b7c8d99de314180a4cd713

Request headers

Referer
Origin: http://areaspla.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 bgFooter_v2.png
content.usaa.com/mcontent/static_assets/Media/ 496 B
941 B 66ms
66ms Image
image/png 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/bgFooter_v2.png?cacheid=1109381259_p

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

09fe494df49bb50492a87d2670d9839f3f4220f300b146809d36b7e805db52a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://s.usaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
last-modified: Wed, 18 Sep 2013 17:36:29 GMT
server: USAA-Integrity
etag: "1f0-4e6abe09ca140"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=584719
accept-ranges: bytes
content-length: 496

GET
H2 200 misc_accent_socMedia.png
content.usaa.com/mcontent/static_assets/Media/ 9 KB
9 KB 90ms
90ms Image
image/png 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/misc_accent_socMedia.png?cacheid=2092261743_p

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

70cc16695978690e74938cae7f3a5f0de6ee23b1837bddca169316c7001eecd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://s.usaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
last-modified: Mon, 04 Dec 2017 16:00:17 GMT
server: USAA-Integrity
etag: "224d-55f85d081a640"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=586539
accept-ranges: bytes
content-length: 8781

GET
H2 200 aggregator
s.usaa.com/inet/resources/ 766 B
2 KB 61ms
61ms Stylesheet
text/css 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&p_/javascript/ent/thirdparty/yui/yui3_9_0/widget-base/assets/skins/sam/widget-base.css&p_/javascript/ent/thirdparty/yui/yui3_9_0/widget-stack/assets/skins/sam/widget-stack.css&p_/javascript/ent/thirdparty/yui/yui3_9_0/overlay/assets/skins/sam/overlay.css

Requested by

Host: s.usaa.com
URL: https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&embed=true&k_3.9.0_yui:cacheid=503939227_p&k_3.9.0_loader:cacheid=2635896308_p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

e5adc50895b708c3e16be7ec4fde707de13ab7c11533cfae3ba4742f243bb436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 22:06:56 GMT
server: USAA-Integrity
vary: Accept-Encoding
content-language: en-US
access-control-allow-origin: *
cache-control: max-age=196117
usaa_wts_jvm_agent_uuid: 72a3a6ad-d267-4055-b433-c799c8caae61
strict-transport-security: max-age=31536000
content-type: text/css; charset=UTF-8
content-length: 330

GET
H2

200

utag.js Show response
tms.usaa.com/main/prod/
Redirect Chain

http://tms.usaa.com/main/prod/utag.js
https://tms.usaa.com/main/prod/utag.js

262 KB
62 KB

662ms
437ms

Script
application/x-javascript

104.89.39.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tms.usaa.com/main/prod/utag.js

Requested by

Host: areaspla.com
URL: http://areaspla.com/wp-includes/js/login/question3.php

Protocol

Server

104.89.39.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-39-85.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

8645fa082d7c48c107becb075a0dce2dc2357a455b17ee4a8cd0d972130683d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:48 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 18:10:18 GMT
server: AkamaiNetStorage
etag: "35a8abb0a626e6b9d10364fef43fa67a:1654539018.351316"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
strict-transport-security: max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jun 2022 02:01:48 GMT

Redirect headers

Location: https://tms.usaa.com/main/prod/utag.js
Date: Thu, 09 Jun 2022 01:31:47 GMT
Cache-Control: max-age=1800
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Thu, 09 Jun 2022 02:01:47 GMT

GET
H2 200 aggregator Show response
s.usaa.com/inet/resources/ 230 KB
85 KB 70ms
70ms Script
application/x-javascript 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&p_/javascript/ent/thirdparty/yui/yui3_9_0/oop/oop.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-custom-base/event-custom-base.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/dom-core/dom-core.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/dom-base/dom-base.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/selector-native/selector-native.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/selector/selector.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/node-core/node-core.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/node-base/node-base.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-base/event-base.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-base-ie/event-base-ie.js&k_2.0_WicketEventYui_js:cacheid=3958596169_p&p_/javascript/ent/thirdparty/yui/yui3_9_0/querystring-stringify-simple/querystring-stringify-simple.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/io-base/io-base.js&k_2.0_WicketAjaxYui_js:cacheid=330936029_p&p_/javascript/ent/thirdparty/yui/yui3_9_0/attribute-core/attribute-core.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-custom-complex/event-custom-complex.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/attribute-observable/attribute-observable.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/attribute-extras/attribute-extras.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/attribute-base/attribute-base.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/base-core/base-core.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/base-observable/base-observable.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/base-base/base-base.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-delegate/event-delegate.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/attribute-complex/attribute-complex.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/pluginhost-base/pluginhost-base.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/pluginhost-config/pluginhost-config.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/base-pluginhost/base-pluginhost.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/classnamemanager/classnamemanager.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-synthetic/event-synthetic.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-focus/event-focus.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/dom-style/dom-style.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/node-style/node-style.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/widget-base/widget-base.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/widget-htmlparser/widget-htmlparser.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/widget-skin/widget-skin.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/node-event-delegate/node-event-delegate.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/widget-uievents/widget-uievents.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/base-build/base-build.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/widget-stdmod/widget-stdmod.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/dom-screen/dom-screen.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/node-screen/node-screen.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/widget-position/widget-position.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/widget-position-align/widget-position-align.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/widget-stack/widget-stack.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/widget-position-constrain/widget-position-constrain.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/overlay/overlay.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/plugin/plugin.js&k_2.0_ModalPanel_js_2:cacheid=4244172564_p&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-simulate/event-simulate.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/async-queue/async-queue.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/gesture-simulate/gesture-simulate.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/node-event-simulate/node-event-simulate.js&k_2.0_LogOffPopup_js:cacheid=1227684044_p&k_2.0_GNBWcmSupportScript_js:cacheid=149771480_p&k_2.0_EnterpriseUtilityFunctions_js:cacheid=2831538708_p&k_2.0_usaaNamespace_js:cacheid=2651159623_p&k_2.0_NavSubglobalMenuV3_js:cacheid=97897630_p&k_2.0_AccTouchMenuV3_js:cacheid=540782592_p&k_2.0_GNBCommon_js:cacheid=3440703063_p&k_2.0_GNBClientAutoCompleteBehavior_js:cacheid=1697558837_p&p_/javascript/ent/thirdparty/yui/yui3_9_0/transition/transition.js&k_2.0_MemberFeedbackBasePanel_js:cacheid=1551415922_p&k_2.0_AutoFocusBehavior_js:cacheid=1773503113_p&k_2.0_NoMultiFormSubmitButtonBehavior_js:cacheid=2021437079_p

Requested by

Host: s.usaa.com
URL: https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&embed=true&k_3.9.0_yui:cacheid=503939227_p&k_3.9.0_loader:cacheid=2635896308_p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

f0810cb6e0ab24384c4b773fc0f930b6675d6ee7c977125de4cb3d5c200abc8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 21:46:08 GMT
server: USAA-Integrity
vary: Accept-Encoding
content-language: en-US
access-control-allow-origin: *
cache-control: max-age=588673
usaa_wts_jvm_agent_uuid: 9c6a21fa-1753-41a5-832f-dd98a9bf3237
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=UTF-8
content-length: 85540

GET
H2 200 aggregator Show response
s.usaa.com/inet/resources/ 28 KB
11 KB 63ms
63ms Script
application/x-javascript 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&k_2.0_GNBWcmSupportScript_js:cacheid=149771480_p&k_2.0_EnterpriseUtilityFunctions_js:cacheid=2831538708_p&k_2.0_usaaNamespace_js:cacheid=2651159623_p&k_2.0_NavSubglobalMenuV3_js:cacheid=97897630_p&k_2.0_AccTouchMenuV3_js:cacheid=540782592_p&k_2.0_GNBCommon_js:cacheid=3440703063_p&k_2.0_GNBClientAutoCompleteBehavior_js:cacheid=1697558837_p

Requested by

Host: s.usaa.com
URL: https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&embed=true&k_3.9.0_yui:cacheid=503939227_p&k_3.9.0_loader:cacheid=2635896308_p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

dc2083538b54917a09c0e8d41a641f84932732e68c6c12248e03018632ecfa91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 21:46:08 GMT
server: USAA-Integrity
vary: Accept-Encoding
content-language: en-US
access-control-allow-origin: *
cache-control: max-age=588690
usaa_wts_jvm_agent_uuid: 3ce5afe2-45ed-4e10-bd2e-60555b47b1c6
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=UTF-8
content-length: 9642

GET
H2 200 aggregator Show response
s.usaa.com/inet/resources/ 25 KB
11 KB 64ms
64ms Script
application/x-javascript 104.111.229.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-mousewheel/event-mousewheel.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-mouseenter/event-mouseenter.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-key/event-key.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-resize/event-resize.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-hover/event-hover.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-outside/event-outside.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-touch/event-touch.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-move/event-move.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-flick/event-flick.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-valuechange/event-valuechange.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/event-tap/event-tap.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/node-pluginhost/node-pluginhost.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/datatype-xml-parse/datatype-xml-parse.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/io-xdr/io-xdr.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/io-form/io-form.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/io-upload-iframe/io-upload-iframe.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/queue-promote/queue-promote.js&p_/javascript/ent/thirdparty/yui/yui3_9_0/io-queue/io-queue.js

Requested by

Host: s.usaa.com
URL: https://s.usaa.com/inet/resources/aggregator?type=-min&fv=2.0&embed=true&k_3.9.0_yui:cacheid=503939227_p&k_3.9.0_loader:cacheid=2635896308_p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.229.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-42.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

1194c22009c4c44456787ce0ca833f849b4c58c9f481ab2e106eb67d4195551f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:47 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 06:59:28 GMT
server: USAA-Integrity
vary: Accept-Encoding
content-language: en-US
access-control-allow-origin: *
cache-control: max-age=196943
usaa_wts_jvm_agent_uuid: 3e5b6048-6f94-4bab-8bfb-0241113d0f50
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=UTF-8
content-length: 10230

GET
H/1.1 200
OK securityquestionsapplication.js Show response
tags.tiqcdn.com/dle/usaa/main/ 189 B
694 B 153ms
71ms Script
application/javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/dle/usaa/main/securityquestionsapplication.js
Requested by: Host: tms.usaa.com
URL: http://tms.usaa.com/main/prod/utag.js
Protocol: HTTP/1.1
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 621599937afef277886495b219197f69df7c896c75f86019a13dafcf145cd825

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Thu, 09 Jun 2022 01:31:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Oct 2019 20:16:32 GMT
Server: AmazonS3
x-amz-request-id: 6TDRE75DYAYEDVNZ
ETag: "6749da3b277a0c8e52dc9eb28a1b7940"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 147
x-amz-id-2: S5QH8lGlaMpvCpdOXMyPr0NcXnkworbuuL7jbOBsaHuoqwFeFLs1aJlVYWMltZ/50uTArhnN4ig=
Expires: Thu, 09 Jun 2022 02:31:48 GMT

GET
H2

200

utag.481.js Show response
tms.usaa.com/main/prod/
Redirect Chain

http://tms.usaa.com/main/prod/utag.481.js?utv=ut4.46.202206061809
https://tms.usaa.com/main/prod/utag.481.js?utv=ut4.46.202206061809

422 KB
127 KB

199ms
199ms

Script
application/x-javascript

104.89.39.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tms.usaa.com/main/prod/utag.481.js?utv=ut4.46.202206061809

Protocol

Server

104.89.39.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-39-85.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

269dc9963f02248f95f60b6c5d9c83d60abdee0fc8938b5892403878a75cf7f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:48 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 18:10:15 GMT
server: AkamaiNetStorage
etag: "4e6b5bb4b9d767f6c23008f94f049f53:1654539015.831673"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
strict-transport-security: max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jun 2022 02:01:48 GMT

Redirect headers

Location: https://tms.usaa.com/main/prod/utag.481.js?utv=ut4.46.202206061809
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

utag.425.js Show response
tms.usaa.com/main/prod/
Redirect Chain

http://tms.usaa.com/main/prod/utag.425.js?utv=ut4.46.202206061809
https://tms.usaa.com/main/prod/utag.425.js?utv=ut4.46.202206061809

111 KB
35 KB

469ms
468ms

Script
application/x-javascript

104.89.39.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tms.usaa.com/main/prod/utag.425.js?utv=ut4.46.202206061809

Protocol

Server

104.89.39.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-39-85.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

a267c5e1d8303485efcede6436ac5f3b3dfcc05f66e0bcc05293e90e84867df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:48 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 18:10:16 GMT
server: AkamaiNetStorage
etag: "a50a953cf19cdc701ce8dde634681c2d:1654539016.465297"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 35811
expires: Thu, 09 Jun 2022 02:01:48 GMT

Redirect headers

Location: https://tms.usaa.com/main/prod/utag.425.js?utv=ut4.46.202206061809
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

utag.645.js Show response
tms.usaa.com/main/prod/
Redirect Chain

http://tms.usaa.com/main/prod/utag.645.js?utv=ut4.46.202206061809
https://tms.usaa.com/main/prod/utag.645.js?utv=ut4.46.202206061809

8 KB
3 KB

445ms
445ms

Script
application/x-javascript

104.89.39.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tms.usaa.com/main/prod/utag.645.js?utv=ut4.46.202206061809

Protocol

Server

104.89.39.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-39-85.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

740000d62f879a2b5d2b3f71cec9ee5306a54ddaf5dbe9cb8c04b7b9dfe1a81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:48 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 18:10:11 GMT
server: AkamaiNetStorage
etag: "045d2dd42b4b5b89c4d9c949eb50a8eb:1654539011.814687"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2839
expires: Thu, 09 Jun 2022 02:01:48 GMT

Redirect headers

Location: https://tms.usaa.com/main/prod/utag.645.js?utv=ut4.46.202206061809
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

utag.277.js Show response
tms.usaa.com/main/prod/
Redirect Chain

http://tms.usaa.com/main/prod/utag.277.js?utv=ut4.46.202206061809
https://tms.usaa.com/main/prod/utag.277.js?utv=ut4.46.202206061809

9 KB
3 KB

352ms
351ms

Script
application/x-javascript

104.89.39.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tms.usaa.com/main/prod/utag.277.js?utv=ut4.46.202206061809

Protocol

Server

104.89.39.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-39-85.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

7d365b1cbf25d49258a41b890b6201da8b45bf49d90c7102b58883766ec98cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:48 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 18:10:06 GMT
server: AkamaiNetStorage
etag: "1ef958a1ee1034cad96c4ba9aa024af7:1654539006.890007"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3194
expires: Thu, 09 Jun 2022 02:01:48 GMT

Redirect headers

Location: https://tms.usaa.com/main/prod/utag.277.js?utv=ut4.46.202206061809
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

utag.495.js Show response
tms.usaa.com/main/prod/
Redirect Chain

http://tms.usaa.com/main/prod/utag.495.js?utv=ut4.46.202206061809
https://tms.usaa.com/main/prod/utag.495.js?utv=ut4.46.202206061809

4 KB
2 KB

360ms
360ms

Script
application/x-javascript

104.89.39.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tms.usaa.com/main/prod/utag.495.js?utv=ut4.46.202206061809

Protocol

Server

104.89.39.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-39-85.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

ad33da1388cce42d4a1fbcd2847602351901e56479d92d5b7601be4b07e71401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:48 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 18:10:08 GMT
server: AkamaiNetStorage
etag: "13e778a6effe06f47e7d1aca2c66992b:1654539008.730937"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1704
expires: Thu, 09 Jun 2022 02:01:48 GMT

Redirect headers

Location: https://tms.usaa.com/main/prod/utag.495.js?utv=ut4.46.202206061809
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

utag.437.js Show response
tms.usaa.com/main/prod/
Redirect Chain

http://tms.usaa.com/main/prod/utag.437.js?utv=ut4.46.202206061809
https://tms.usaa.com/main/prod/utag.437.js?utv=ut4.46.202206061809

2 KB
1 KB

453ms
453ms

Script
application/x-javascript

104.89.39.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tms.usaa.com/main/prod/utag.437.js?utv=ut4.46.202206061809

Protocol

Server

104.89.39.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-39-85.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

1f201b9e42faaf4bcb48e0ec1a12eddb5c6d40ada2870264433def70a3470f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:48 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 18:10:08 GMT
server: AkamaiNetStorage
etag: "90874022d17f9d1b25a57deab159f6f5:1654539008.244713"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 930
expires: Thu, 09 Jun 2022 02:01:48 GMT

Redirect headers

Location: https://tms.usaa.com/main/prod/utag.437.js?utv=ut4.46.202206061809
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

utag.649.js Show response
tms.usaa.com/main/prod/
Redirect Chain

http://tms.usaa.com/main/prod/utag.649.js?utv=ut4.46.202206061809
https://tms.usaa.com/main/prod/utag.649.js?utv=ut4.46.202206061809

4 KB
2 KB

428ms
428ms

Script
application/x-javascript

104.89.39.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tms.usaa.com/main/prod/utag.649.js?utv=ut4.46.202206061809

Protocol

Server

104.89.39.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-39-85.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

d96baeae29defb7bfefc72c4bb89f3babed38ff844cdca9454f2f2174819d081

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:49 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 18:10:10 GMT
server: AkamaiNetStorage
etag: "7222db0d553d182156584a97021e1153:1654539010.238627"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1734
expires: Thu, 09 Jun 2022 02:01:49 GMT

Redirect headers

Location: https://tms.usaa.com/main/prod/utag.649.js?utv=ut4.46.202206061809
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET id
da.usaa.com/ 0
0

GET cls_report
gb.usaa360.com/glassbox/reporting/4B3F8B78-DAAF-3BEF-5E64-29E7C240D0DA/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 200ms
73ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6301032

Requested by

Host: tms.usaa.com
URL: http://tms.usaa.com/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

473feb1dab8af7b805b10d865a8d50a79f451146c033c210e098db1213879859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40950
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 01:31:49 GMT

POST i.gif
datacloud.tealiumiq.com/usaa/main/2/ 0
0

GET
H/1.1 200
OK / Show response
d.agkn.com/iframe/9297/ Frame 44B6 223 B
778 B 266ms
61ms Document
text/html 52.59.84.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/9297/?type=1000&che=0.7700165869545972
Requested by: Host: tms.usaa.com
URL: http://tms.usaa.com/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.84.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-84-128.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 52a1d0f52f460e327988c355867521b4de4af61472d94935afb22dd20cfea935

Request headers

Referer: http://areaspla.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 223
Content-Type: text/html;charset=UTF-8
Date: Thu, 09 Jun 2022 01:31:49 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1

GET
H2

200

/ Show response
znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com/WRSiteInterceptEngine/
Redirect Chain

http://znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_b1Hw37QC9IVyLn7&Q_LOC=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php
https://znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_b1Hw37QC9IVyLn7&Q_LOC=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php

7 KB
4 KB

135ms
48ms

Script
application/javascript

104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_b1Hw37QC9IVyLn7&Q_LOC=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php

Protocol

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85d5a4df4a46900d4975816c36f6dab6bcd37313678ec1f029b05171d923714c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77133
cf-polished: origSize=8435
cf-ray: 71861c21e965866e-MAD
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"20f3-oeSPew4JSN0vOD+Hr6Pp4QR8dz8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

Redirect headers

Location: https://znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_b1Hw37QC9IVyLn7&Q_LOC=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK tag.js Show response
www.mczbf.com/tags/11168/ 43 KB
15 KB 259ms
84ms Script
application/javascript 2600:9000:214f:ea00:16:4ed5:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mczbf.com/tags/11168/tag.js
Requested by: Host: tms.usaa.com
URL: http://tms.usaa.com/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ea00:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 62aed839bca8f54358a1be615d1608429449f9b613dcf93d4e29005a7241093d

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 01:31:49 GMT
Content-Encoding: gzip
Server: nginx
X-Amz-Cf-Pop: FRA53-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
Cache-Control: max-age=1800
Connection: keep-alive
X-Amz-Cf-Id: HXBQo7R2iwdPuk-2YFUUQiq2veE4RxEUoEmKpx-9Dgp1C-BcQAT7jQ==
X-Request-ID: eeddba0a-e793-11ec-9b34-edd44dce73a7

GET
H2

200

s66176024444016
da.usaa.com/b/ss/usaadev3/1/JS-2.19.0/
Redirect Chain

http://da.usaa.com/b/ss/usaadev3/1/JS-2.19.0/s66176024444016?AQB=1&ndh=1&pf=1&t=9%2F5%2F2022%201%3A31%3A49%204%200&sdid=714A1BEDAE16338F-3B18E2D17FE4D374&mid=45974579914401200752058820834385865574&...
https://da.usaa.com/b/ss/usaadev3/1/JS-2.19.0/s66176024444016?AQB=1&ndh=1&pf=1&t=9%2F5%2F2022%201%3A31%3A49%204%200&sdid=714A1BEDAE16338F-3B18E2D17FE4D374&mid=45974579914401200752058820834385865574...

43 B
414 B

81ms
81ms

Image
image/gif

104.89.39.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://da.usaa.com/b/ss/usaadev3/1/JS-2.19.0/s66176024444016?AQB=1&ndh=1&pf=1&t=9%2F5%2F2022%201%3A31%3A49%204%200&sdid=714A1BEDAE16338F-3B18E2D17FE4D374&mid=45974579914401200752058820834385865574&ce=UTF-8&ns=usaa&pageName=www%7Cent%7Cent%7Cent%7Cn_a%7Cn_a%7Csec%7Csec_security_question&g=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&c.&pageloadtime=2.7&defPageName=areaspla.com%7C%7Cent_auth_secques%2Fanswer%3Fsecurityquestionspage&getTimeParting=Wednesday%7C8%3A30%20PM&getDateParting=6%2F8%2F2022&newRepeat=New&linkType=pv&.c&cc=USD&ch=ent%7Cent%7Csec%7Csec_security_question&server=areaspla.com&events=event207%3D0%2Cevent208%3D0%2Cevent209%3D0.001%2Cevent210%3D0.038%2Cevent211%3D0.047%2Cevent212%3D0.083%2Cevent213%3D1.738%2Cevent214%3D0.018%2Cevent215%3D0.087%2Cevent216&v1=%7Bxor%7DMzM1NTAxNzg4&h1=areaspla.com%7C&l1=n_a&c2=view%3Amain%3Aut4.46.202206061809&l2=n_a%3An_a&v3=ALL%20BUT%20CASUALTY&v4=www&v5=ent&v6=ent&v7=ent&v8=sec_quest_app&v9=sec_security_question&v11=www%7Cent%7Cent%7Cent%7Cn_a%7Cn_a%7Csec%7Csec_security_question&c14=%22Logged%20In%22&c25=SecurityQuestionsApplication%3ASecurityQuestionsPage&c27=main%3A277%3A425%3A437%3A481-cm%3A495%3A645-dv-av%3A649%3A&v29=1951&v30=AZ&v31=false&v32=false&v33=false&v34=false&v35=false&v36=false&v37=false&v40=false&v41=false&v42=true&v43=false&v45=false&c75=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&v131=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&v181=Etc%2FUnknown&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=47977B2A53A852210A490D45%40AdobeOrg&AQE=1

Protocol

Server

104.89.39.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-39-85.deploy.static.akamaitechnologies.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:49 GMT
x-content-type-options: nosniff
x-c: main-1645.Id526ce.M0-571
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 10 Jun 2022 01:31:49 GMT
server: jag
xserver: anedge-df488f754-mpwml
etag: 3553523461564727296-4619912043448093874
strict-transport-security: max-age=31536000
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 08 Jun 2022 01:31:49 GMT

Redirect headers

Location: https://da.usaa.com/b/ss/usaadev3/1/JS-2.19.0/s66176024444016?AQB=1&ndh=1&pf=1&t=9%2F5%2F2022%201%3A31%3A49%204%200&sdid=714A1BEDAE16338F-3B18E2D17FE4D374&mid=45974579914401200752058820834385865574&ce=UTF-8&ns=usaa&pageName=www%7Cent%7Cent%7Cent%7Cn_a%7Cn_a%7Csec%7Csec_security_question&g=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&c.&pageloadtime=2.7&defPageName=areaspla.com%7C%7Cent_auth_secques%2Fanswer%3Fsecurityquestionspage&getTimeParting=Wednesday%7C8%3A30%20PM&getDateParting=6%2F8%2F2022&newRepeat=New&linkType=pv&.c&cc=USD&ch=ent%7Cent%7Csec%7Csec_security_question&server=areaspla.com&events=event207%3D0%2Cevent208%3D0%2Cevent209%3D0.001%2Cevent210%3D0.038%2Cevent211%3D0.047%2Cevent212%3D0.083%2Cevent213%3D1.738%2Cevent214%3D0.018%2Cevent215%3D0.087%2Cevent216&v1=%7Bxor%7DMzM1NTAxNzg4&h1=areaspla.com%7C&l1=n_a&c2=view%3Amain%3Aut4.46.202206061809&l2=n_a%3An_a&v3=ALL%20BUT%20CASUALTY&v4=www&v5=ent&v6=ent&v7=ent&v8=sec_quest_app&v9=sec_security_question&v11=www%7Cent%7Cent%7Cent%7Cn_a%7Cn_a%7Csec%7Csec_security_question&c14=%22Logged%20In%22&c25=SecurityQuestionsApplication%3ASecurityQuestionsPage&c27=main%3A277%3A425%3A437%3A481-cm%3A495%3A645-dv-av%3A649%3A&v29=1951&v30=AZ&v31=false&v32=false&v33=false&v34=false&v35=false&v36=false&v37=false&v40=false&v41=false&v42=true&v43=false&v45=false&c75=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&v131=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&v181=Etc%2FUnknown&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=47977B2A53A852210A490D45%40AdobeOrg&AQE=1
Date: Thu, 09 Jun 2022 01:31:49 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 11.2bb382f416862e9f4531.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 59 KB
18 KB 51ms
51ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/11.2bb382f416862e9f4531.chunk.js?Q_CLIENTVERSION=1.73.0&Q_CLIENTTYPE=web&Q_BRANDID=areaspla.com

Requested by

Host: znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com
URL: http://znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_b1Hw37QC9IVyLn7&Q_LOC=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0deeb04da789835d2b3fe13c690c2f95290fc7491ef177f112dabdfaac4e021f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 78498
cf-polished: origSize=61477
cf-ray: 71861c22499c866e-MAD
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Jun 2022 00:55:52 GMT
server: cloudflare
etag: W/"f025-1813ba92dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 83ms
83ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_b1Hw37QC9IVyLn7&Q_CLIENTVERSION=1.73.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.2bb382f416862e9f4531.chunk.js?Q_CLIENTVERSION=1.73.0&Q_CLIENTTYPE=web&Q_BRANDID=areaspla.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be6e086283e899772092b81847b640d741259893e8dd6c1358c230ff7f65973c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://areaspla.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Jun 2022 01:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://areaspla.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: a05331916bc1b713
cf-ray: 71861c22a9e6866e-MAD

GET
H2 200 policy Show response
www.sjwoe.com/ 28 B
422 B 215ms
61ms XHR
application/json 2600:9000:2057:2400:7:f1a3:af00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sjwoe.com/policy
Requested by: Host: www.mczbf.com
URL: https://www.mczbf.com/tags/11168/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:7:f1a3:af00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4bfe3fd63b2ce813a2e3e1252146acf89e82d30222ca39161cf68086449cd64b

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:01:32 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
age: 1817
x-amzn-requestid: bee24daf-7072-462a-b4ad-c02067a3911b
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
x-amzn-trace-id: Root=1-62a1466c-1b5d439e701a4b5e77e72874;Sampled=0
x-amz-cf-pop: FRA6-C1
x-amz-apigw-id: TbfxCFleIAMFTEQ=
content-length: 28
x-amz-cf-id: F46PUzgW77XCVSFqeWaB8Jv06Ylp1zrqR0SONpBur8pTJV3KwUk3bg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 75ms
75ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-948718260&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6301032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8d8506e7f9343fdd99137a65724fdddb3c6389c5c0280b60fe9045e983d469c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43559
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 01:31:49 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 189ms
65ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-948718260&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 01:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
server: cafe
etag: 11223643544955582496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Jun 2022 01:31:49 GMT

POST
H/1.1 200
OK pageInfo Show response
www.mczbf.com/11168/ 68 B
514 B 204ms
86ms Fetch
image/png 2600:9000:214f:ea00:16:4ed5:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mczbf.com/11168/pageInfo
Requested by: Host: www.mczbf.com
URL: https://www.mczbf.com/tags/11168/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ea00:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept: */*
Referer: http://areaspla.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 09 Jun 2022 01:31:49 GMT
Via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Miss from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: keep-alive
Content-Length: 68
X-Amz-Cf-Id: 618SNoIdB5TN0CWgVJOBelx4mPcU9o-QqVieR9_1ROde1tkopip1ZQ==
X-Request-ID: ef1f5776-e793-11ec-861d-d55564760d75

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948718260/ 2 KB
2 KB 197ms
71ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948718260/?random=1654738309933&cv=9&fst=1654738309933&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&tiba=Security%20Question%20%7C%20USAA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e641a8912210aeaa6b41ed5c5276d25f9f7532621ebadaac514d204c36eec403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 01:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1064
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948718260/ 42 B
548 B 201ms
72ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948718260/?random=1654738309933&cv=9&fst=1654736400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&tiba=Security%20Question%20%7C%20USAA&async=1&fmt=3&is_vtc=1&random=2773448164&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 01:31:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.es/pagead/1p-user-list/948718260/ 42 B
548 B 198ms
71ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.es/pagead/1p-user-list/948718260/?random=1654738309933&cv=9&fst=1654736400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fareaspla.com%2Fwp-includes%2Fjs%2Flogin%2Fquestion3.php&tiba=Security%20Question%20%7C%20USAA&async=1&fmt=3&is_vtc=1&random=2773448164&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://areaspla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 01:31:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: da.usaa.com
URL: http://da.usaa.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=47977B2A53A852210A490D45%40AdobeOrg&mid=45974579914401200752058820834385865574&d_coppa=true&ts=1654738309278

Domain: gb.usaa360.com
URL: https://gb.usaa360.com/glassbox/reporting/4B3F8B78-DAAF-3BEF-5E64-29E7C240D0DA/cls_report?_cls_s=9df9d4d0-fa3b-4369-a5b0-0165b5fd09fa%3A0&_cls_v=814547b3-9008-4968-b241-607036fa0d00&pv=2

Domain: datacloud.tealiumiq.com
URL: http://datacloud.tealiumiq.com/usaa/main/2/i.gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USAA (Banking)

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
areaspla.com/	1970-01-20 03:59:07	Name: modelSplitCookie Value: Model
.areaspla.com/	1970-01-20 12:24:34	Name: utag_main Value: v_id:01814616cd06000d69fe6449e3e703073003606b00b08$_sn:1$_se:1$_ss:1$_st:1654740108359$ses_id:1654738308359%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:areaspla.com$dc_visit:1$dc_event:1%3Bexp-session
.areaspla.com/	1970-01-20 21:11:36	Name: AMCV_47977B2A53A852210A490D45%40AdobeOrg Value: 1585540135%7CMCMID%7C45974579914401200752058820834385865574%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.areaspla.com/	1970-01-20 04:22:10	Name: s_pers Value: %20gpv_pn%3Dwww%257Cent%257Cent%257Cent%257Cn_a%257Cn_a%257Csec%257Csec_security_question%7C1654740109455%3B%20s_nr%3D1654738309456-New%7C1657330309456%3B
.areaspla.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_cc%3Dtrue%3B
.agkn.com/	1970-01-20 12:24:34	Name: ab Value: 0001%3AGyEwHrIhrTitgOrCVpffnvDObTEx1Mma
.agkn.com/	1970-01-20 12:24:34	Name: u Value: C\|0AAAqNAoFKjQKBQAAAAAA
.areaspla.com/	1970-01-20 05:48:34	Name: _gcl_au Value: 1.1.1348021485.1654738310
.usaa360.com/	1970-01-20 12:24:34	Name: _abck Value: BA59004D50AF46A29DC83D4F828B1D54~-1~YAAQHrUQAo4vYx6BAQAA4tEWRghWMj2/Uv4HIliM1n+SklFdIFYQ68Nuw3+Y5qu0Npd31xnL24uZ4tN2HSJRrpcEhJkvOS7jlwR7UoFxAosOmja3wPXNJKmZS3xxZZoMRLJQudiOpwe57HYQuUG4HQpY+IR/bjUfkmUJF/iamdXwBStR6vXbNnToXIdP2tQ4yoMXt2Ra6HDTJjNCvXWKeKJe1YaDCuTxGEltGDcK7KhUQlsgZXYqdWZVCpMwxh6aIXvj1HtYV0yk0wilLMFatGBB70H3kTEtxB5MlMdPkVJ0Bq8n/xvbgPf5OrQl/rlsmT+TPK/PxM1CMvZDWOozrCrPBkI+JP06QRrmbX+SbFxZen+6jt91yF++zmjW~-1~-1~-1
.usaa360.com/	1970-01-20 03:39:12	Name: bm_sz Value: ECB1E23BD3B4256C1033ACA682EA4B98~YAAQHrUQAo8vYx6BAQAA4tEWRhAWzSqGvHtPOwTNUn/BAULKddcLLenjeGOhrAEw/GGLCMuk4eO2PvoF8KuXZzyiiCYH0LqgnqcdDLjwIgepD90GvmOOuNyvP9ZxmLv5riY9UEGaOfgEEIyXhiFo2CzgBvuK30NF0vWeVQU7x8Em5LZT6v6byShpolmEywKn4XILWZwy/B9AeFKgE0pU+1pzlTy6XXhV9jgPDUKV6hxNwg3TOuS4BkCWgD/qee+CrYNxpxAxJ82r4iS2R+cYfzalipafa5jmoUr6NhjHvFtOIqGW~4602162~3422265
.areaspla.com/	1970-01-20 13:07:46	Name: cjConsent Value: MHxZfDB8Tnww
.doubleclick.net/	1970-01-20 03:38:59	Name: test_cookie Value: CheckForPermission

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://areaspla.com/wp-includes/js/login/question3.php Message: Access to XMLHttpRequest at 'http://datacloud.tealiumiq.com/usaa/main/2/i.gif' from origin 'http://areaspla.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://datacloud.tealiumiq.com/usaa/main/2/i.gif Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://areaspla.com/wp-includes/js/login/question3.php Message: Access to XMLHttpRequest at 'http://da.usaa.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=47977B2A53A852210A490D45%40AdobeOrg&mid=45974579914401200752058820834385865574&d_coppa=true&ts=1654738309278' from origin 'http://areaspla.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://da.usaa.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=47977B2A53A852210A490D45%40AdobeOrg&mid=45974579914401200752058820834385865574&d_coppa=true&ts=1654738309278 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://areaspla.com/wp-includes/js/login/question3.php Message: Access to XMLHttpRequest at 'https://gb.usaa360.com/glassbox/reporting/4B3F8B78-DAAF-3BEF-5E64-29E7C240D0DA/cls_report?_cls_s=9df9d4d0-fa3b-4369-a5b0-0165b5fd09fa%3A0&_cls_v=814547b3-9008-4968-b241-607036fa0d00&pv=2' from origin 'http://areaspla.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gb.usaa360.com/glassbox/reporting/4B3F8B78-DAAF-3BEF-5E64-29E7C240D0DA/cls_report?_cls_s=9df9d4d0-fa3b-4369-a5b0-0165b5fd09fa%3A0&_cls_v=814547b3-9008-4968-b241-607036fa0d00&pv=2 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

areaspla.com
content.usaa.com
d.agkn.com
da.usaa.com
datacloud.tealiumiq.com
gb.usaa360.com
googleads.g.doubleclick.net
s.usaa.com
siteintercept.qualtrics.com
tags.tiqcdn.com
tms.usaa.com
www.google.com
www.google.es
www.googleadservices.com
www.googletagmanager.com
www.mczbf.com
www.sjwoe.com
znb1hw37qc9ivyln7-usaa.siteintercept.qualtrics.com
da.usaa.com
datacloud.tealiumiq.com
gb.usaa360.com
104.111.229.42
104.17.209.240
104.75.88.194
104.89.39.85
142.250.186.130
217.76.132.218
2600:9000:2057:2400:7:f1a3:af00:93a1
2600:9000:214f:ea00:16:4ed5:12c0:93a1
2a00:1450:4001:801::2003
2a00:1450:4001:809::2004
2a00:1450:4001:813::2008
2a00:1450:4001:831::2002
52.59.84.128
09fe494df49bb50492a87d2670d9839f3f4220f300b146809d36b7e805db52a3
0deeb04da789835d2b3fe13c690c2f95290fc7491ef177f112dabdfaac4e021f
1194c22009c4c44456787ce0ca833f849b4c58c9f481ab2e106eb67d4195551f
1f201b9e42faaf4bcb48e0ec1a12eddb5c6d40ada2870264433def70a3470f25
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
25f318cc7cd980402ce18bd6ea3f78ac37830449bc4498ae01d2cd30e054433b
269dc9963f02248f95f60b6c5d9c83d60abdee0fc8938b5892403878a75cf7f7
32a78d62b883ff9ad4da5253ea3390908f472a71835a46d387b88bcfda209ea6
473feb1dab8af7b805b10d865a8d50a79f451146c033c210e098db1213879859
4aec011702fc14d721f6fb962354d98ae57caa0f53798176fe27e779d1b27ba4
4bfe3fd63b2ce813a2e3e1252146acf89e82d30222ca39161cf68086449cd64b
522a5fe0b1921acbaa0925b2a50fa141b0719797d5c552ffc150415c7c44d23b
52a1d0f52f460e327988c355867521b4de4af61472d94935afb22dd20cfea935
621599937afef277886495b219197f69df7c896c75f86019a13dafcf145cd825
62aed839bca8f54358a1be615d1608429449f9b613dcf93d4e29005a7241093d
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
67dcb0f0af3149c12b34892e3b1ca471e3a87234625190772e037aaaa8a4a9b6
70cc16695978690e74938cae7f3a5f0de6ee23b1837bddca169316c7001eecd7
740000d62f879a2b5d2b3f71cec9ee5306a54ddaf5dbe9cb8c04b7b9dfe1a81c
7d365b1cbf25d49258a41b890b6201da8b45bf49d90c7102b58883766ec98cd5
85d5a4df4a46900d4975816c36f6dab6bcd37313678ec1f029b05171d923714c
8645fa082d7c48c107becb075a0dce2dc2357a455b17ee4a8cd0d972130683d1
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a267c5e1d8303485efcede6436ac5f3b3dfcc05f66e0bcc05293e90e84867df4
a496651fb1b9fc3b0294fb776f0ee858a5439d6bc5b7c8d99de314180a4cd713
ad33da1388cce42d4a1fbcd2847602351901e56479d92d5b7601be4b07e71401
ad5980cb9d5ad82571e49366d26c086e2c2bbe7efe6feb729c12f9594948ba21
afbd51cd31fe74081f434f2bdf9b74258190c7700667087588645a697bf14531
b110bcd83560d6f9960baff7ddaa2a8c4529ac63867f54903211e380b3d835e8
be6e086283e899772092b81847b640d741259893e8dd6c1358c230ff7f65973c
c8d8506e7f9343fdd99137a65724fdddb3c6389c5c0280b60fe9045e983d469c
d1886043ac668fcd2ccb7019ba9b35ef16f7d0c3db9d9dedf3862b036a4ae2d3
d317c2e6324cdd35249a3d5b6370b68d5b018fdddecc1dec0b9660f2affff0bd
d96baeae29defb7bfefc72c4bb89f3babed38ff844cdca9454f2f2174819d081
dc2083538b54917a09c0e8d41a641f84932732e68c6c12248e03018632ecfa91
e2e04a8e937f5b74a4c50cb7592a8e0bba54b40818d44e43ffd5c40c6b4fe72a
e5adc50895b708c3e16be7ec4fde707de13ab7c11533cfae3ba4742f243bb436
e641a8912210aeaa6b41ed5c5276d25f9f7532621ebadaac514d204c36eec403
e9a681648676dcb7d958f77bed911c7a8a30dabe8ef0265b5ee894205c8aef60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0810cb6e0ab24384c4b773fc0f930b6675d6ee7c977125de4cb3d5c200abc8f
f1e6fe52eb77428387c40bca6ac1dc5e04e32df118ee60b85ed60dd3c953c22a
f53796ddf251b92b780fdff6b6cfbb1afcc8c43c085e4f8bfc8cf81fb2ceef99
fda9dc9b1feb432da051add9ca8ccdcdedfe460e5e1be4df5f3d17e0bde69c87

areaspla.com Open in urlscan Pro 217.76.132.218 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

67 %HTTPS

46 %IPv6

14 Domains

18 Subdomains

14 IPs

4 Countries

928 kBTransfer

2114 kBSize

12 Cookies

185 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

areaspla.com Open in urlscan Pro
217.76.132.218 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

67 %
HTTPS

46 %
IPv6

14
Domains

18
Subdomains

14
IPs

4
Countries

928 kB
Transfer

2114 kB
Size

12
Cookies

45 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!