userrequired-infoaccess01.ddns.ms Open in urlscan Pro
146.190.172.126 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://userrequired-infoaccess01.ddns.ms/
Effective URL:
https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48
Submission: On October 03 via api (October 3rd 2023, 1:36:25 am UTC) from US — Scanned from US

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 37 HTTP transactions. The main IP is 146.190.172.126, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is userrequired-infoaccess01.ddns.ms.
TLS certificate: Issued by R3 on October 3rd 2023. Valid for: 3 months.

This is the only time userrequired-infoaccess01.ddns.ms was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USAA (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 23	146.190.172.126 146.190.172.126	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2600:9000:25c... 2600:9000:25c8:c00:7:f1a3:af00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20ed:1400:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
37	4

23 146.190.172.126 (San Francisco, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

userrequired-infoaccess01.ddns.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:25c8:c00:7:f1a3:af00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.sjwoe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ed:1400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	ddns.ms 2 redirects userrequired-infoaccess01.ddns.ms	1 MB
3	sjwoe.com www.sjwoe.com — Cisco Umbrella Rank: 98331	1 KB
1	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1422	663 B
0	usaa.com Failed content.usaa.com Failed
37	4

	Domain	Requested by
23	userrequired-infoaccess01.ddns.ms	2 redirects userrequired-infoaccess01.ddns.ms
3	www.sjwoe.com	userrequired-infoaccess01.ddns.ms
1	tags.tiqcdn.com	userrequired-infoaccess01.ddns.ms
0	content.usaa.com Failed	userrequired-infoaccess01.ddns.ms
37	4

This site contains no links.

Subject Issuer	Validity	Valid
www.userrequired-infoaccess01.ddns.ms R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
www.sjwoe.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-12`	10 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48
Frame ID: 06BD051331AF1410FF83476D23C5EEA9
Requests: 37 HTTP requests in this frame

Frame: https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/a.htm
Frame ID: BC23CAAAB8F969BE10D6EFD90F88C676
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Member Account Login | USAAUSAA logo. Redirects to USAA home. USAA logousaa-symbol-laurel

Page URL History Show full URLs

https://userrequired-infoaccess01.ddns.ms/ HTTP 302
https://userrequired-infoaccess01.ddns.ms/trip.php Page URL
https://userrequired-infoaccess01.ddns.ms/actions/ HTTP 302
https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Page Statistics

37
Requests

68 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

1130 kB
Transfer

1124 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://userrequired-infoaccess01.ddns.ms/ HTTP 302
https://userrequired-infoaccess01.ddns.ms/trip.php Page URL
https://userrequired-infoaccess01.ddns.ms/actions/ HTTP 302
https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://userrequired-infoaccess01.ddns.ms/ HTTP 302
https://userrequired-infoaccess01.ddns.ms/trip.php

37 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	trip.php userrequired-infoaccess01.ddns.ms/ Redirect Chain https://userrequired-infoaccess01.ddns.ms/ https://userrequired-infoaccess01.ddns.ms/trip.php	297 B 614 B	419ms 418ms	Document text/html	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/trip.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Tue, 03 Oct 2023 01:36:18 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache Transfer-Encoding chunked Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Tue, 03 Oct 2023 01:36:18 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache location trip.php
GET H/1.1	200 OK	Primary Request logon.php Show response userrequired-infoaccess01.ddns.ms/actions/ Redirect Chain https://userrequired-infoaccess01.ddns.ms/actions/ https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48	15 KB 15 KB	75ms 74ms	Document text/html	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `1b5c3878f388a5d32df1723e3e13b9713ffeffa6f6d1bfaf4c0769294b4697b0` Request headers Referer https://userrequired-infoaccess01.ddns.ms/trip.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Tue, 03 Oct 2023 01:36:19 GMT Keep-Alive timeout=5, max=97 Server Apache Transfer-Encoding chunked Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Tue, 03 Oct 2023 01:36:19 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=98 Location logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Pragma no-cache Server Apache
GET H/1.1	200 OK	tag.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	15 KB 15 KB	247ms 75ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/tag.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `36c52548471a98a97110e2c65dda3f15e86ea870c4d39f4faefe7213eac19a43` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 15401
GET H/1.1	200 OK	linkid.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	2 KB 2 KB	249ms 74ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/linkid.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1569
GET H/1.1	200 OK	analytics.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	48 KB 49 KB	302ms 75ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/analytics.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 49529
GET H/1.1	200 OK	ent-unified-logon-web.css userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	105 KB 105 KB	133ms 74ms	Stylesheet text/css	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/ent-unified-logon-web.css Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `cde377f76413880285caf3fb4a40f1ceb4f6cc42692608557971329fb5e327fd` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:19 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 107023
GET H/1.1	200 OK	utag_008.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	254 KB 254 KB	305ms 77ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/utag_008.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `d8c439ca54cd5d787a34d51463538201159bc5cee831ee6e4eb0ad3733685561` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 259825
GET H/1.1	200 OK	ent-unified-logon-web_002.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	273 B 527 B	328ms 79ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/ent-unified-logon-web_002.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `12823479e57e579d5eb7af45a060336db24bfb84bf0af53a1099d6ca016973f2` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 273
GET H/1.1	200 OK	utag_004.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	314 KB 314 KB	75ms 74ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/utag_004.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `b1a2c3d6d8afefcb778f8496e527ff3dfe612c3fd184ac453b1a79026ba26608` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 321346
GET H/1.1	200 OK	utag_002.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	31 KB 32 KB	77ms 75ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/utag_002.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `a475ea2b9dd647f74a7cdf96bdad2daf7ad4418482a3895378a4f5d078d4ab29` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 32231
GET H/1.1	200 OK	utag_006.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	107 KB 107 KB	76ms 76ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/utag_006.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `6b3f1b6c5c1576c9b4850adcc24661d92a6359ca9a25d849bd0c7dc1a8e9d55e` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 109284
GET H/1.1	200 OK	utag.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	6 KB 7 KB	76ms 76ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/utag.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `2a75a418e0d98ee457f863d4907ea0b623304a732d0aa4f6e7e840f58571be49` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 6412
GET H/1.1	200 OK	utag_003.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	13 KB 13 KB	77ms 73ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/utag_003.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `645391277c14209dcc4ec39a4d52a0e2cdb6ddc1074314a148df6d7393a70097` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 12806
GET H/1.1	200 OK	utag_007.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	4 KB 4 KB	76ms 73ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/utag_007.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `27251eea3752bb55c61e9b65c879d439ca6e19f25049528899cf7867ed51f919` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=91 Content-Length 3758
GET H/1.1	200 OK	utag_005.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	4 KB 4 KB	74ms 74ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/utag_005.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `35abe2cba4169f0f749f077a756bfdccac0fdeca35cfc3c422fd4625d23e9007` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 3957
GET H/1.1	200 OK	a.htm Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/ Frame BC23	297 B 539 B	208ms 76ms	Document text/html	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/a.htm Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `e1c36ec0c7541c2e1f63ff0ed7cac7147e5aeeeab95128901c82d7877a6946b6` Request headers Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 297 Content-Type text/html Date Tue, 03 Oct 2023 01:36:20 GMT Keep-Alive timeout=5, max=100 Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache
GET H/1.1	200 OK	reactreact-dom.js Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	128 KB 128 KB	188ms 81ms	Script application/javascript	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/reactreact-dom.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `7cf48ba5fa58d06a10de7433d6661e879108dfd449ea1686e6d8c84a83eb181e` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 131121
GET H/1.1	200 OK	AkSkQoX1k Show response userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/	77 KB 77 KB	186ms 78ms	Script text/plain	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/AkSkQoX1k Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Last-Modified Sun, 20 Mar 2022 01:36:44 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 78590
GET DATA	200 OK	truncated /	155 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ceec846322efec91a63ccd7c7d369661a99347961bc00e4396d528d9b080f31c` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET		C1B705B7AD8D5B4C6.woff2 content.usaa.com/mcontent/static_assets/Fonts/	0 0

GET		9C7F15704715916A9.woff2 content.usaa.com/mcontent/static_assets/Fonts/	0 0

GET		E83D71A074DF776F4.woff2 content.usaa.com/mcontent/static_assets/Fonts/	0 0

GET		F68DD4439278D0467.woff2 content.usaa.com/mcontent/static_assets/Fonts/	0 0

GET		12C383965421BC56F.woff2 content.usaa.com/mcontent/static_assets/Fonts/	0 0

GET		9ECBC8FFB535D0532.woff2 content.usaa.com/mcontent/static_assets/Fonts/	0 0

GET H2	200	policy Show response www.sjwoe.com/	48 B 448 B	87ms 9ms	XHR application/json	2600:9000:25c8:c00:7:f1a3:af00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.sjwoe.com/policy Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:c00:7:f1a3:af00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `9e460f3d2ddf0f31c9445ea3874a6aac8ce30f9f284a03526429ac2181935cbe` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 18:55:31 GMT via 1.1 ca0fc43bc87ea655f66615a99ef77b4e.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 age 24049 x-amzn-trace-id Root=1-651b1223-5d9261ac6baefedc34aca738;Sampled=0;lineage=36ff8a84:0 x-amzn-requestid 379468f1-995f-4aee-ad76-a55c4461e0c2 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=3600 x-amz-apigw-id ML_FiE61oAMEv4w= content-length 48 x-amz-cf-id o1Nhiqwb5wDTZF39mfUj9P0DF8v-N0kE0oija28g6Kx_5z7d70NOvQ==
GET H2	200	policy Show response www.sjwoe.com/	48 B 449 B	83ms 10ms	XHR application/json	2600:9000:25c8:c00:7:f1a3:af00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.sjwoe.com/policy Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:c00:7:f1a3:af00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `9e460f3d2ddf0f31c9445ea3874a6aac8ce30f9f284a03526429ac2181935cbe` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 18:55:31 GMT via 1.1 ca0fc43bc87ea655f66615a99ef77b4e.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 age 24049 x-amzn-trace-id Root=1-651b1223-5d9261ac6baefedc34aca738;Sampled=0;lineage=36ff8a84:0 x-amzn-requestid 379468f1-995f-4aee-ad76-a55c4461e0c2 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=3600 x-amz-apigw-id ML_FiE61oAMEv4w= content-length 48 x-amz-cf-id SPrefQzC7S3oeWlw-sf9sZkyi4CvRCvoWBvwtvgUzzVNUVZ8Q4cbIQ==
GET H2	200	policy Show response www.sjwoe.com/	48 B 448 B	82ms 10ms	XHR application/json	2600:9000:25c8:c00:7:f1a3:af00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.sjwoe.com/policy Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:c00:7:f1a3:af00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `9e460f3d2ddf0f31c9445ea3874a6aac8ce30f9f284a03526429ac2181935cbe` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 18:55:31 GMT via 1.1 ca0fc43bc87ea655f66615a99ef77b4e.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 age 24049 x-amzn-trace-id Root=1-651b1223-5d9261ac6baefedc34aca738;Sampled=0;lineage=36ff8a84:0 x-amzn-requestid 379468f1-995f-4aee-ad76-a55c4461e0c2 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=3600 x-amz-apigw-id ML_FiE61oAMEv4w= content-length 48 x-amz-cf-id AJRGyVWrhWHsmX1YOPNbgBuXSvJFRhQi48akghFoM-AtfeBciP3Mzw==
GET		C1B705B7AD8D5B4C6.woff content.usaa.com/mcontent/static_assets/Fonts/	0 0

GET		E83D71A074DF776F4.woff content.usaa.com/mcontent/static_assets/Fonts/	0 0

GET		F68DD4439278D0467.woff content.usaa.com/mcontent/static_assets/Fonts/	0 0

GET		12C383965421BC56F.woff content.usaa.com/mcontent/static_assets/Fonts/	0 0

GET		9ECBC8FFB535D0532.woff content.usaa.com/mcontent/static_assets/Fonts/	0 0

GET		9C7F15704715916A9.woff content.usaa.com/mcontent/static_assets/Fonts/	0 0

POST H/1.1	404 Not Found	pageInfo Show response userrequired-infoaccess01.ddns.ms/11168/	315 B 515 B	80ms 73ms	XHR text/html	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/11168/pageInfo Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/tag.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Accept / Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=93 Content-Length 315 Content-Type text/html; charset=iso-8859-1
POST H/1.1	404 Not Found	pageInfo Show response userrequired-infoaccess01.ddns.ms/11168/	315 B 515 B	110ms 84ms	XHR text/html	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/11168/pageInfo Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/tag.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Accept / Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
POST H/1.1	404 Not Found	pageInfo Show response userrequired-infoaccess01.ddns.ms/11168/	315 B 515 B	386ms 349ms	XHR text/html	146.190.172.126 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://userrequired-infoaccess01.ddns.ms/11168/pageInfo Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/tag.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.190.172.126 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Accept / Referer https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Tue, 03 Oct 2023 01:36:20 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H2	200	ent-unified-logon-web.js Show response tags.tiqcdn.com/dle/usaa/nw/	273 B 663 B	149ms 11ms	Script application/javascript	2600:9000:20ed:1400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/dle/usaa/nw/ent-unified-logon-web.js Requested by Host: userrequired-infoaccess01.ddns.ms URL: https://userrequired-infoaccess01.ddns.ms/actions/thyassets/tm/utag_008.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ed:1400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `12823479e57e579d5eb7af45a060336db24bfb84bf0af53a1099d6ca016973f2` Request headers accept-language en-US,en;q=0.9 Referer https://userrequired-infoaccess01.ddns.ms/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 03 Oct 2023 00:49:02 GMT via 1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront) last-modified Tue, 24 Nov 2020 19:54:16 GMT server AmazonS3 x-amz-cf-pop PHL50-C1 age 2839 x-amz-server-side-encryption AES256 etag "1a6e4c1aade1d02a22faec181b827e84" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 accept-ranges bytes content-length 273 x-amz-cf-id Cqd574DOl5o0uax9tkkPtVFVUsen0B4tTCOrX-3pxl8j8QWBKjuPxQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff2

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff2

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff2

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff2

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/12C383965421BC56F.woff2

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff2

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/12C383965421BC56F.woff

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff

Domain: content.usaa.com
URL: https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USAA (Banking)

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
userrequired-infoaccess01.ddns.ms/	1969-12-31 23:59:59	Name: PHPSESSID Value: ef51d5164eb2cab170987380072b81ad
userrequired-infoaccess01.ddns.ms/	1970-01-20 15:54:48	Name: 5075140835d0bc504791c76b04c33d2bck Value: c327b49efdca2668f28cd7b4beee54b3y3r
userrequired-infoaccess01.ddns.ms/	1970-01-20 15:54:48	Name: ce114cdc5e387191210f3b519dfb118bck Value: 1696296978
userrequired-infoaccess01.ddns.ms/	1969-12-31 23:59:59	Name: ssww Value: 1600
userrequired-infoaccess01.ddns.ms/	1969-12-31 23:59:59	Name: sshh Value: 1200
.ddns.ms/	1970-01-21 00:40:24	Name: cjConsent Value: MHxOfDB8Tnww
.ddns.ms/	1970-01-20 23:57:12	Name: utag_main Value: v_id:018af32dd01d001bb6c2fcbbbef903074006206c00b08$_sn:1$_se:1$_ss:1$_st:1696298780511$ses_id:1696296980511%3Bexp-session$_pn:1%3Bexp-session

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff2' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff2' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff2' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/12C383965421BC56F.woff2' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/12C383965421BC56F.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff2' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff2' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/12C383965421BC56F.woff' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/12C383965421BC56F.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://userrequired-infoaccess01.ddns.ms/actions/logon.php?usaaa=09b15d48a1514d8209b192a8b8f34e48 Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff' from origin 'https://userrequired-infoaccess01.ddns.ms' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://userrequired-infoaccess01.ddns.ms/11168/pageInfo Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://userrequired-infoaccess01.ddns.ms/11168/pageInfo Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://userrequired-infoaccess01.ddns.ms/11168/pageInfo Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.usaa.com
tags.tiqcdn.com
userrequired-infoaccess01.ddns.ms
www.sjwoe.com
content.usaa.com
146.190.172.126
2600:9000:20ed:1400:7:2bfb:7c00:93a1
2600:9000:25c8:c00:7:f1a3:af00:93a1
12823479e57e579d5eb7af45a060336db24bfb84bf0af53a1099d6ca016973f2
1b5c3878f388a5d32df1723e3e13b9713ffeffa6f6d1bfaf4c0769294b4697b0
27251eea3752bb55c61e9b65c879d439ca6e19f25049528899cf7867ed51f919
2a75a418e0d98ee457f863d4907ea0b623304a732d0aa4f6e7e840f58571be49
35abe2cba4169f0f749f077a756bfdccac0fdeca35cfc3c422fd4625d23e9007
36c52548471a98a97110e2c65dda3f15e86ea870c4d39f4faefe7213eac19a43
645391277c14209dcc4ec39a4d52a0e2cdb6ddc1074314a148df6d7393a70097
6b3f1b6c5c1576c9b4850adcc24661d92a6359ca9a25d849bd0c7dc1a8e9d55e
7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821
7cf48ba5fa58d06a10de7433d6661e879108dfd449ea1686e6d8c84a83eb181e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9e460f3d2ddf0f31c9445ea3874a6aac8ce30f9f284a03526429ac2181935cbe
a475ea2b9dd647f74a7cdf96bdad2daf7ad4418482a3895378a4f5d078d4ab29
b1a2c3d6d8afefcb778f8496e527ff3dfe612c3fd184ac453b1a79026ba26608
cde377f76413880285caf3fb4a40f1ceb4f6cc42692608557971329fb5e327fd
ceec846322efec91a63ccd7c7d369661a99347961bc00e4396d528d9b080f31c
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d8c439ca54cd5d787a34d51463538201159bc5cee831ee6e4eb0ad3733685561
e1c36ec0c7541c2e1f63ff0ed7cac7147e5aeeeab95128901c82d7877a6946b6
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

userrequired-infoaccess01.ddns.ms Open in urlscan Pro 146.190.172.126 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

68 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

1130 kBTransfer

1124 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

userrequired-infoaccess01.ddns.ms Open in urlscan Pro
146.190.172.126 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

68 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

1130 kB
Transfer

1124 kB
Size

7
Cookies

37 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!