usaa.versaic.com Open in urlscan Pro
18.205.45.140  Malicious Activity! Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response usaa.versaic.com/	93 KB 62 KB	402ms 135ms	Document text/html	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 566f0cb5c102c4781559dcc1d18f96d164fd68040da9eb48c061159900ac6874 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority usaa.versaic.com :scheme https :path /login pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-type text/html; charset=utf-8 content-length 62637 cache-control private content-encoding gzip vary Accept-Encoding server Server set-cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr; path=/; secure; HttpOnly; SameSite=Lax request-context appId=cid-v1:0b0765ee-03f1-415c-9a9f-6cd9c358c159 access-control-expose-headers Request-Context x-frame-options SAMEORIGIN x-content-type-options nosniff x-xss-protection 1; mode=block strict-transport-security max-age=31536000
GET H2	200	reset.css usaa.versaic.com/styles/	644 B 769 B	157ms 155ms	Stylesheet text/css	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/styles/reset.css Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 92808bd37e111ae309beb1110fed6a87d467c36a0f126c65cb60b83c2eb1c38b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /styles/reset.css pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 01 Feb 2021 10:01:16 GMT server Server etag "07efc2d81f8d61:0" x-frame-options SAMEORIGIN content-type text/css cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding content-length 460 x-xss-protection 1; mode=block
GET H2	200	default.css usaa.versaic.com/styles/	47 KB 14 KB	206ms 205ms	Stylesheet text/css	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/styles/default.css Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash a3eccffa9a8a01f4054b733d7be3537a9df749c25a73cc552a7a5dcdcf4f7680 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /styles/default.css pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 01 Feb 2021 10:01:16 GMT server Server etag "07efc2d81f8d61:0" x-frame-options SAMEORIGIN content-type text/css cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding content-length 14306 x-xss-protection 1; mode=block
GET H2	200	PluginProposalManagement2.css usaa.versaic.com/styles/	44 KB 11 KB	165ms 163ms	Stylesheet text/css	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/styles/PluginProposalManagement2.css Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash a48a24efa13806294b4e22b1d9c061b2faf9b0626271d66d9a8fbd035ef22d39 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /styles/PluginProposalManagement2.css pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 01 Feb 2021 10:01:16 GMT server Server etag "07efc2d81f8d61:0" x-frame-options SAMEORIGIN content-type text/css cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding content-length 11172 x-xss-protection 1; mode=block
GET H2	200	jquery-ui.bundle.css usaa.versaic.com/bundles/css/jquery-ui/	30 KB 10 KB	160ms 159ms	Stylesheet text/css	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/bundles/css/jquery-ui/jquery-ui.bundle.css Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 151352de1594c2a9ad13c1c5b45913db7bad9e258fafb4840c4656d0292f518c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /bundles/css/jquery-ui/jquery-ui.bundle.css pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 04 Jun 2021 17:38:44 GMT server Server etag "02a14776859d71:0" x-frame-options SAMEORIGIN content-type text/css cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding content-length 9480 x-xss-protection 1; mode=block
GET H2	200	js Show response www.googletagmanager.com/gtag/	119 KB 46 KB	32ms 32ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-YYFWGWWF5Y Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c088cfd63b5f9c338a24fbf3f022402a5bfae13937f50a96211c7252da5f4dd0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://usaa.versaic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46752 x-xss-protection 0 expires Thu, 10 Jun 2021 16:02:46 GMT
GET H2	200	62a92c37270a66552f72.bundle.css usaa.versaic.com/App_Themes/USAA/	33 KB 24 KB	200ms 199ms	Stylesheet text/css	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/App_Themes/USAA/62a92c37270a66552f72.bundle.css Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 5f10b17d21645dd8171653a4febe87b1cac0fa1a841e408aec1aa240fae5c4fa Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /App_Themes/USAA/62a92c37270a66552f72.bundle.css pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 04 Jun 2021 17:38:42 GMT server Server etag "0fde2756859d71:0" x-frame-options SAMEORIGIN content-type text/css cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding content-length 24009 x-xss-protection 1; mode=block
GET H2	200	WebResource.axd Show response usaa.versaic.com/	23 KB 6 KB	110ms 106ms	Script application/x-javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZG9qErAMu9hzszG4Grb60IdqQfqgwhxpqe5z3BvQ2CZAvBTJWg2&t=637454068754849868 Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZG9qErAMu9hzszG4Grb60IdqQfqgwhxpqe5z3BvQ2CZAvBTJWg2&t=637454068754849868 pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff expires Thu, 09 Jun 2022 13:15:33 GMT last-modified Tue, 05 Jan 2021 01:27:55 GMT server Server x-frame-options SAMEORIGIN content-type application/x-javascript access-control-expose-headers Request-Context cache-control public strict-transport-security max-age=31536000 vary Accept-Encoding content-length 6007 x-xss-protection 1; mode=block request-context appId=cid-v1:0b0765ee-03f1-415c-9a9f-6cd9c358c159
GET H2	200	ScriptResource.axd Show response usaa.versaic.com/	26 KB 6 KB	125ms 121ms	Script application/x-javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1HEyW8solwncwQY1We-FTSzzzJzKnO774o1OfAeizZZ-c96_bRFaVqmiXczJnQJ0mbTKQETtNjeHw3umyDhCzKHe6iKIqICL53TtDjn5oQhrnHe6FQ2&t=ffffffffe191061b Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1HEyW8solwncwQY1We-FTSzzzJzKnO774o1OfAeizZZ-c96_bRFaVqmiXczJnQJ0mbTKQETtNjeHw3umyDhCzKHe6iKIqICL53TtDjn5oQhrnHe6FQ2&t=ffffffffe191061b pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff expires Thu, 09 Jun 2022 13:15:33 GMT last-modified Wed, 09 Jun 2021 13:15:33 GMT server Server x-frame-options SAMEORIGIN content-type application/x-javascript access-control-expose-headers Request-Context cache-control public strict-transport-security max-age=31536000 content-length 5479 x-xss-protection 1; mode=block request-context appId=cid-v1:0b0765ee-03f1-415c-9a9f-6cd9c358c159
GET H2	200	ScriptResource.axd Show response usaa.versaic.com/	87 KB 27 KB	117ms 113ms	Script application/x-javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/ScriptResource.axd?d=x6wALODbMJK5e0eRC_p1LWbPkZg8pfMnBt5yNeuh5yiUiFAZgrWT4G80Xr5rlQLvvSADeCNQ68m6fofr_RSNieKzXSj_P7GElmfMMuqJZn0qQKk40&t=fffffffff2b1ef38 Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /ScriptResource.axd?d=x6wALODbMJK5e0eRC_p1LWbPkZg8pfMnBt5yNeuh5yiUiFAZgrWT4G80Xr5rlQLvvSADeCNQ68m6fofr_RSNieKzXSj_P7GElmfMMuqJZn0qQKk40&t=fffffffff2b1ef38 pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff expires Thu, 09 Jun 2022 13:15:33 GMT last-modified Wed, 09 Jun 2021 13:15:33 GMT server Server x-frame-options SAMEORIGIN content-type application/x-javascript access-control-expose-headers Request-Context cache-control public strict-transport-security max-age=31536000 content-length 27722 x-xss-protection 1; mode=block request-context appId=cid-v1:0b0765ee-03f1-415c-9a9f-6cd9c358c159
GET H2	200	ScriptResource.axd Show response usaa.versaic.com/	36 KB 10 KB	112ms 109ms	Script application/x-javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/ScriptResource.axd?d=P5lTttoqSeZXoYRLQMIScFXNASCx7Q2lcSvYHkNZEaHdW-bOEyipBAmraZY30jk3xFrOLso_5ROhVt5gZz2WsqoNeLpx1NFLD8WIGYQYmcEqxu-k0&t=fffffffff2b1ef38 Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /ScriptResource.axd?d=P5lTttoqSeZXoYRLQMIScFXNASCx7Q2lcSvYHkNZEaHdW-bOEyipBAmraZY30jk3xFrOLso_5ROhVt5gZz2WsqoNeLpx1NFLD8WIGYQYmcEqxu-k0&t=fffffffff2b1ef38 pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff expires Thu, 09 Jun 2022 13:15:33 GMT last-modified Wed, 09 Jun 2021 13:15:33 GMT server Server x-frame-options SAMEORIGIN content-type application/x-javascript access-control-expose-headers Request-Context cache-control public strict-transport-security max-age=31536000 content-length 9936 x-xss-protection 1; mode=block request-context appId=cid-v1:0b0765ee-03f1-415c-9a9f-6cd9c358c159
GET H2	200	vendors~builder~paymentdetails~paymentmanager~proposalhistoryaudit~utils.4ea44197653d7f95378a.bundle.js Show response usaa.versaic.com/bundles/js/vendors~builder~paymentdetails~paymentmanager~proposalhistoryaudit~utils/	131 KB 53 KB	153ms 150ms	Script application/javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/bundles/js/vendors~builder~paymentdetails~paymentmanager~proposalhistoryaudit~utils/vendors~builder~paymentdetails~paymentmanager~proposalhistoryaudit~utils.4ea44197653d7f95378a.bundle.js Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 924cc6191727d53c1e245c4ea7a6580c7b6ba448532005146f33acaab87fe704 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /bundles/js/vendors~builder~paymentdetails~paymentmanager~proposalhistoryaudit~utils/vendors~builder~paymentdetails~paymentmanager~proposalhistoryaudit~utils.4ea44197653d7f95378a.bundle.js pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 04 Jun 2021 17:38:48 GMT server Server etag "08476796859d71:0" x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding content-length 53797 x-xss-protection 1; mode=block
GET H2	200	vendors~builder~paymentmanager~utils.27a85f6a3ba469bf4dd2.bundle.js Show response usaa.versaic.com/bundles/js/vendors~builder~paymentmanager~utils/	18 KB 9 KB	137ms 134ms	Script application/javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/bundles/js/vendors~builder~paymentmanager~utils/vendors~builder~paymentmanager~utils.27a85f6a3ba469bf4dd2.bundle.js Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 15ca61daf6075326522f17f68bf78b58e3b799fc8b1e299f8cd20512a6b9a594 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /bundles/js/vendors~builder~paymentmanager~utils/vendors~builder~paymentmanager~utils.27a85f6a3ba469bf4dd2.bundle.js pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 04 Jun 2021 17:38:48 GMT server Server etag "08476796859d71:0" x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding content-length 8625 x-xss-protection 1; mode=block
GET H2	200	vendors~paymentmanager~utils.e37c6bdc0bf8094e9e50.bundle.js Show response usaa.versaic.com/bundles/js/vendors~paymentmanager~utils/	2 MB 816 KB	189ms 186ms	Script application/javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/bundles/js/vendors~paymentmanager~utils/vendors~paymentmanager~utils.e37c6bdc0bf8094e9e50.bundle.js Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash fab645c5a96e81c55f3227eea84ddd3a7b4a6c007e0eb62aa2183d39b17f4e6d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /bundles/js/vendors~paymentmanager~utils/vendors~paymentmanager~utils.e37c6bdc0bf8094e9e50.bundle.js pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 04 Jun 2021 17:38:50 GMT server Server etag "0b1a77a6859d71:0" x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding x-xss-protection 1; mode=block
GET H2	200	utils.85fc5fb50c323257c0e0.bundle.js Show response usaa.versaic.com/bundles/js/utils/	110 KB 24 KB	147ms 144ms	Script application/javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/bundles/js/utils/utils.85fc5fb50c323257c0e0.bundle.js Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash d972dc3c50ab6bad23fcb15ae1a7bc034eacfd12abeb60976d7b53f99545b61e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /bundles/js/utils/utils.85fc5fb50c323257c0e0.bundle.js pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 04 Jun 2021 17:38:48 GMT server Server etag "08476796859d71:0" x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding content-length 24520 x-xss-protection 1; mode=block
GET H2	200	fontawesome.286c18383b1d9092fb9a.bundle.js Show response usaa.versaic.com/bundles/js/fontawesome/	182 KB 45 KB	197ms 194ms	Script application/javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/bundles/js/fontawesome/fontawesome.286c18383b1d9092fb9a.bundle.js Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 9fad519998a5206fe55799368ca31bfa8576eaa82447e542053a8a563b2a2d0f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /bundles/js/fontawesome/fontawesome.286c18383b1d9092fb9a.bundle.js pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 04 Jun 2021 17:38:44 GMT server Server etag "02a14776859d71:0" x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding content-length 45688 x-xss-protection 1; mode=block
GET H2	200	62a92c37270a66552f72.bundle.js Show response usaa.versaic.com/App_Themes/USAA/	1 KB 980 B	122ms 119ms	Script application/javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/App_Themes/USAA/62a92c37270a66552f72.bundle.js Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 6bcdc71b0e91b5fe41d2965849e698ab043edb81ea07ea87c291b50f906cc5e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /App_Themes/USAA/62a92c37270a66552f72.bundle.js pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 04 Jun 2021 17:38:42 GMT server Server etag "0fde2756859d71:0" x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding content-length 661 x-xss-protection 1; mode=block
GET H2	200	jquery.bundle.js Show response usaa.versaic.com/bundles/js/jquery/	274 KB 108 KB	218ms 216ms	Script application/javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/bundles/js/jquery/jquery.bundle.js Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /bundles/js/jquery/jquery.bundle.js pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 04 Jun 2021 17:38:44 GMT server Server etag "02a14776859d71:0" x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding x-xss-protection 1; mode=block
GET H2	200	jqueryui.8830b0a36b62b21a6219.bundle.js Show response usaa.versaic.com/bundles/js/jqueryui/	364 KB 122 KB	230ms 227ms	Script application/javascript	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/bundles/js/jqueryui/jqueryui.8830b0a36b62b21a6219.bundle.js Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 7b1d7be1e7a5cbb230384a5ad0a04c16d19d0e2ef34494b6088ae17cccc12bcf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /bundles/js/jqueryui/jqueryui.8830b0a36b62b21a6219.bundle.js pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority usaa.versaic.com referer https://usaa.versaic.com/login :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 04 Jun 2021 17:38:44 GMT server Server etag "02a14776859d71:0" x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding x-xss-protection 1; mode=block
GET H2	200	ai.0.js Show response az416426.vo.msecnd.net/scripts/a/	94 KB 22 KB	7ms 6ms	Script application/x-javascript	2606:2800:233:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://az416426.vo.msecnd.net/scripts/a/ai.0.js Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FA5) / Resource Hash 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e Request headers Referer https://usaa.versaic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 10 Jun 2021 16:02:46 GMT content-encoding gzip x-ms-meta-lastmodified 2020-10-01 19:31:04 content-md5 HdY95yzx9wIyQkVEGES+Ew== age 337 x-cache HIT content-length 22495 x-ms-lease-status unlocked last-modified Thu, 11 Mar 2021 07:46:59 GMT server ECAcc (frc/8FA5) etag 0x8D8E461DA1A5889 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 9bb70958-201e-0042-4511-5e51f5000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=1800 x-ms-version 2009-09-19 expires Thu, 10 Jun 2021 16:32:46 GMT
GET DATA	200 OK	truncated /	371 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e35546735eb03b4dbe9fe43f58282233b86bdd17c0ff7cc18cd43c23b79d304d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
POST H2	204	collect www.google-analytics.com/g/	0 72 B	13ms 13ms	Ping text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-YYFWGWWF5Y&gtm=2oe621&_p=1891376661&sr=1600x1200&ul=en-us&cid=1316701328.1623340967&_s=1&dl=https%3A%2F%2Fusaa.versaic.com%2Flogin&dt=Login&sid=1623340966&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-YYFWGWWF5Y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://usaa.versaic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 10 Jun 2021 16:02:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://usaa.versaic.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13691a9c891152f816fb92e724ffd600219dc90470d7351d19960e16258076a1 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	782 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 68284c567ffbfa72b264ea6e3a1525e39dafcf61d6b5c9550d1b4e8811497008 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	244 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e48418b4f6e3f9acc39af4e716cc1bbe3d6902c7f4161601e34991c3bb8a8a79 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	318 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a8133ad006eaf7f2fc78705a54df99db898f21f723d6c9069008d08eee27efda Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	benevity_logo.svg usaa.versaic.com/styles/images/	8 KB 9 KB	104ms 104ms	Image image/svg+xml	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://usaa.versaic.com/styles/images/benevity_logo.svg Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/styles/default.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 74fea8c1e5e859484088a657b396e86a35eac6601ba1c294b43b82e6da11423d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /styles/images/benevity_logo.svg pragma no-cache cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr; ai_user=nVTrx|2021-06-10T16:02:46.494Z; _ga_YYFWGWWF5Y=GS1.1.1623340966.1.0.1623340966.0; _ga=GA1.1.1316701328.1623340967 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority usaa.versaic.com referer https://usaa.versaic.com/styles/default.css :scheme https sec-fetch-site same-origin :method GET Referer https://usaa.versaic.com/styles/default.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:47 GMT x-content-type-options nosniff last-modified Mon, 01 Feb 2021 10:01:16 GMT server Server etag "07efc2d81f8d61:0" x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes content-length 8595 x-xss-protection 1; mode=block
GET H2	200	Rovensys.ttf usaa.versaic.com/styles/	70 KB 70 KB	101ms 101ms	Font application/octet-stream	18.205.45.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://usaa.versaic.com/styles/Rovensys.ttf? Requested by Host: usaa.versaic.com URL: https://usaa.versaic.com/styles/default.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.205.45.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-45-140.compute-1.amazonaws.com Software Server / Resource Hash 79312795be893a40ed1788bbf521325a8b258af4233a261a6dbb8bf93ec4e224 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors origin https://usaa.versaic.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie ASP.NET_SessionId=2crvkj1gmlghnif1gqf0bayr; ai_user=nVTrx|2021-06-10T16:02:46.494Z; _ga_YYFWGWWF5Y=GS1.1.1623340966.1.0.1623340966.0; _ga=GA1.1.1316701328.1623340967 :path /styles/Rovensys.ttf? pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority usaa.versaic.com referer https://usaa.versaic.com/styles/default.css :scheme https sec-fetch-site same-origin :method GET Origin https://usaa.versaic.com Referer https://usaa.versaic.com/styles/default.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 16:02:47 GMT x-content-type-options nosniff last-modified Mon, 01 Feb 2021 10:01:16 GMT server Server etag "07efc2d81f8d61:0" x-frame-options SAMEORIGIN content-type application/octet-stream cache-control max-age=86400 strict-transport-security max-age=31536000 accept-ranges bytes content-length 71204 x-xss-protection 1; mode=block
OPTIONS H2	200	track dc.services.visualstudio.com/v2/	0 0	32ms 32ms	Preflight	52.236.186.210 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Server 52.236.186.210 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,sdk-context Origin https://usaa.versaic.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-methods POST access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context access-control-allow-origin * access-control-max-age 3600 x-content-type-options nosniff date Thu, 10 Jun 2021 16:02:47 GMT content-length 0
POST H2	200	track Show response dc.services.visualstudio.com/v2/	96 B 163 B	412ms 412ms	XHR application/json	52.236.186.210 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: az416426.vo.msecnd.net URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.236.186.210 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4a05f02d49016963077e2e2ebe06fe2092df3798d75cb86bc876bea3daded035 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://usaa.versaic.com/ Sdk-Context appId User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/json Response headers x-ms-session-id FEA2C0DC-2215-41D4-A424-AD6598C699E4 strict-transport-security max-age=31536000 x-content-type-options nosniff date Thu, 10 Jun 2021 16:02:47 GMT access-control-max-age 3600 content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context content-length 96

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USAA (Banking)

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| appInsights object| theForm function| __doPostBack object| AI object| Microsoft function| __extends function| _endsWith function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| google_tag_manager string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| Sys function| Type function| $removeHandler object| _events function| $find object| google_tag_data object| gaGlobal object| webpackJsonp_name_ object| utils object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| fontawesome object| lib_USAA function| $ function| jQuery object| jqueryui function| WebForm_OnSubmit function| onYouTubeIframeAPIReady

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.versaic.com/	1970-01-20 12:26:52	Name: _ga_YYFWGWWF5Y Value: GS1.1.1623340966.1.0.1623340966.0
			.versaic.com/	1970-01-20 12:26:52	Name: _ga Value: GA1.1.1316701328.1623340967
			usaa.versaic.com/	1970-01-20 03:41:16	Name: ai_user Value: nVTrx|2021-06-10T16:02:46.494Z
			usaa.versaic.com/	1970-01-19 18:55:42	Name: ai_session Value: +FYFn|1623340967396.8|1623340967396.8
			usaa.versaic.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2crvkj1gmlghnif1gqf0bayr

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
dc.services.visualstudio.com
usaa.versaic.com
www.google-analytics.com
www.googletagmanager.com
18.205.45.140
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:801::2008
2a00:1450:4001:813::200e
52.236.186.210
13691a9c891152f816fb92e724ffd600219dc90470d7351d19960e16258076a1
151352de1594c2a9ad13c1c5b45913db7bad9e258fafb4840c4656d0292f518c
15ca61daf6075326522f17f68bf78b58e3b799fc8b1e299f8cd20512a6b9a594
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4a05f02d49016963077e2e2ebe06fe2092df3798d75cb86bc876bea3daded035
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
566f0cb5c102c4781559dcc1d18f96d164fd68040da9eb48c061159900ac6874
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5f10b17d21645dd8171653a4febe87b1cac0fa1a841e408aec1aa240fae5c4fa
68284c567ffbfa72b264ea6e3a1525e39dafcf61d6b5c9550d1b4e8811497008
6bcdc71b0e91b5fe41d2965849e698ab043edb81ea07ea87c291b50f906cc5e3
74fea8c1e5e859484088a657b396e86a35eac6601ba1c294b43b82e6da11423d
79312795be893a40ed1788bbf521325a8b258af4233a261a6dbb8bf93ec4e224
7b1d7be1e7a5cbb230384a5ad0a04c16d19d0e2ef34494b6088ae17cccc12bcf
924cc6191727d53c1e245c4ea7a6580c7b6ba448532005146f33acaab87fe704
92808bd37e111ae309beb1110fed6a87d467c36a0f126c65cb60b83c2eb1c38b
9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5
9fad519998a5206fe55799368ca31bfa8576eaa82447e542053a8a563b2a2d0f
a3eccffa9a8a01f4054b733d7be3537a9df749c25a73cc552a7a5dcdcf4f7680
a48a24efa13806294b4e22b1d9c061b2faf9b0626271d66d9a8fbd035ef22d39
a8133ad006eaf7f2fc78705a54df99db898f21f723d6c9069008d08eee27efda
c088cfd63b5f9c338a24fbf3f022402a5bfae13937f50a96211c7252da5f4dd0
d972dc3c50ab6bad23fcb15ae1a7bc034eacfd12abeb60976d7b53f99545b61e
e35546735eb03b4dbe9fe43f58282233b86bdd17c0ff7cc18cd43c23b79d304d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29
e48418b4f6e3f9acc39af4e716cc1bbe3d6902c7f4161601e34991c3bb8a8a79
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
fab645c5a96e81c55f3227eea84ddd3a7b4a6c007e0eb62aa2183d39b17f4e6d