loandepot.cyberincidentupdate.com Open in urlscan Pro
192.124.249.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://loandepot.cyberincidentupdate.com/
Submission: On February 01 via manual (February 1st 2024, 10:04:03 pm UTC) from US — Scanned from US

Summary HTTP 28 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 28 HTTP transactions. The main IP is 192.124.249.30, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is loandepot.cyberincidentupdate.com. The Cisco Umbrella rank of the primary domain is 453473.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on January 6th 2024. Valid for: a year.

This is the only time loandepot.cyberincidentupdate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	192.124.249.30 192.124.249.30	30148 (SUCURI-SEC) (SUCURI-SEC)
2	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
28	6

18 192.124.249.30 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10030.sucuri.net

loandepot.cyberincidentupdate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	cyberincidentupdate.com loandepot.cyberincidentupdate.com — Cisco Umbrella Rank: 453473	161 KB
4	gstatic.com fonts.gstatic.com	71 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	154 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	266 B
28	5

	Domain	Requested by
18	loandepot.cyberincidentupdate.com	loandepot.cyberincidentupdate.com
4	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	loandepot.cyberincidentupdate.com www.googletagmanager.com
2	fonts.googleapis.com	loandepot.cyberincidentupdate.com
1	www.google-analytics.com	www.googletagmanager.com
28	5

This site contains links to these domains. Also see Links.

Domain
media.loandepot.com
servicing.loandepot.com
www.mellohome.com
apply.loandepot.com
myheloc.loandepot.com
www.loandepot.com

Subject Issuer	Validity	Valid
loandepot.cyberincidentupdate.com Starfield Secure Certificate Authority - G2	`2024-01-06` - `2025-01-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://loandepot.cyberincidentupdate.com/
Frame ID: 406A2EC5F5845FF23F4CF356A7FCA4E8
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

loanDepot - Mortgage Lender

Page URL History Show full URLs

https://loandepot.cyberincidentupdate.com/ Page URL
https://loandepot.cyberincidentupdate.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

28
Requests

96 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

389 kB
Transfer

834 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://media.loandepot.com/news-releases/press-release-details/2024/loanDepot-Provides-Update-on-Cyber-Incident/default.aspx
Title: update

Search URL Search Domain Scan URL

URL: https://servicing.loandepot.com/
Title: Servicing customer portal

Search URL Search Domain Scan URL

URL: https://www.mellohome.com/
Title: website

Search URL Search Domain Scan URL

URL: https://apply.loandepot.com/user/login
Title: MyloanDepot customer portal

Search URL Search Domain Scan URL

URL: https://myheloc.loandepot.com/
Title: HELOC customer portal

Search URL Search Domain Scan URL

URL: https://www.loandepot.com/privacypolicy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://loandepot.cyberincidentupdate.com/ Page URL
https://loandepot.cyberincidentupdate.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
loandepot.cyberincidentupdate.com/ 2 KB
2 KB 138ms
26ms Document
text/html 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-security-policy: upgrade-insecure-requests;
content-type: text/html
date: Thu, 01 Feb 2024 22:03:57 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-id: 20030
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request / Show response
loandepot.cyberincidentupdate.com/ 28 KB
8 KB 174ms
173ms Document
text/html 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

5b5a8afbf00b547e1e664de9b4b9a1510e6a3ea82e566ff1b4e5b346a12b8790

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://loandepot.cyberincidentupdate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ed7cc98adc2c97-ORD
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Thu, 01 Feb 2024 22:03:58 GMT
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=20.2.6;mv=3.0.2
ki-origin: g1p
link: <https://loandepot.cyberincidentupdate.com/wp-json/>; rel="https://api.w.org/", <https://loandepot.cyberincidentupdate.com/wp-json/wp/v2/pages/17>; rel="alternate"; type="application/json", <https://loandepot.cyberincidentupdate.com/>; rel=shortlink
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukK3UA%2BSHvpSfd4iyMzzfWndcxu6ORCcEAoOxLW%2BxMx6MrkMjLts8zgz7pjylJAD99ksYz9SEJQGIoD%2FHktyEEpmbrkJWPmf0zATgJ4ZM4%2B2iCWQ74bmYKbvE%2B9uEnGQz2AbeR%2Bqlqe%2FTyPbCArl7oj7Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-edge-location-klb: 1
x-frame-options: SAMEORIGIN
x-kinsta-cache: HIT
x-sucuri-cache: BYPASS
x-sucuri-id: 20030
x-xss-protection: 1; mode=block

GET
H2 200 wp-disclaimer-popup-public.css
loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/css/ 982 B
1 KB 29ms
26ms Stylesheet
text/css 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/css/wp-disclaimer-popup-public.css?ver=1.1.3

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

e161b6f50760cf515e3ef1dc13eadbc76289ce1f947eb3508b701c36f582541e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Jan 2024 05:14:12 GMT
server: nginx
etag: W/"659a3324-3d6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i77rV44c6yjPQqgdFSUIciKr7pNI3B1VxzFbfScyIerIavMnsQbnlcjXSNTckyyCSpyUeLQ5dEWbPPLtY86kFOckqNjTOXWeRiIkntC64jMeQsw9jx%2F7jk8O5G3EoKOwt3HyweD3u34dZWudg3rQOFufOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c43cef108c-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-disclaimer-popup-public.gen.css
loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/css/ 1009 B
1 KB 29ms
27ms Stylesheet
text/css 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/css/wp-disclaimer-popup-public.gen.css?ver=1.1.3

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

14ef68171b34779aefd2a52ac9b00719ae11d27b094a9e8853998d039a7f80aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.6;mv=3.0.2
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin: g1p
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Jan 2024 20:04:32 GMT
server: nginx
etag: W/"65b41050-3f1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IM%2F%2BNt8az0KvmwqkVVMvz0hMwg7N40wKNN1rAYn3C3BwahP39cGfQXzpB65mUvkHl%2FuXQHOUFbXhjbgtYhXseShZooMTo6N1vTJrCouQits8VYz7phc5vplc142u9kVENyoKys1SlPlVN8YGcdfpcfRUDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 84bb6f950c090271-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific-popup.css
loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/css/ 7 KB
3 KB 30ms
27ms Stylesheet
text/css 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/css/magnific-popup.css?ver=1.1.3

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Jan 2024 05:14:12 GMT
server: nginx
etag: W/"659a3324-1b27"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QICnuWYsgBso0Aa5kgkAKzXZwq7Sa7mflsqll4gRHwA9GrazWox38iHXt8KtFayCzhaHjKMZOFuiPt0V0xlTInDVHq%2BbUJDHselcuRZC489k%2Fttu%2BadCu4KkGnLU7Z4JNLE428LH06m3UsBUW9P7AnEdFg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c458a52a00-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
614 B 111ms
54ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B700&display=swap&ver=6.4.3

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46f8cce0826f2b934c7ef9af81e9667f64a36dca24ff6782e09b298e79480cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Feb 2024 22:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 20:18:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Feb 2024 22:03:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
2 KB 98ms
41ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40300%3B700%3B800&display=swap&ver=6.4.3

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3653380c55b7741b1752ba421713b5890d1afd7ea0f21da5eadd61403aa9a2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Feb 2024 22:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 22:03:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Feb 2024 22:03:58 GMT

GET
H2 200 theme.css
loandepot.cyberincidentupdate.com/wp-content/themes/ns-fgs-ld/css/ 23 KB
7 KB 30ms
28ms Stylesheet
text/css 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/themes/ns-fgs-ld/css/theme.css?ver=1704918897

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

11343d75b42d0c0ea6c3313e7901f9e8497bb6a4a463fb70e994391fc37911d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jan 2024 20:34:57 GMT
server: nginx
etag: W/"659eff71-5c80"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hgv1fXd7SxkHCuvjaJzgy0kXZwFMJaRU2lotf5blbKM08SJcnl2zkg2oglW%2Fs2WSVM4k1rW3DNBrsPSep6muYUzoK5MIFNqBDwdwT9bacRt770zRSVNnsjxY%2BVBnfpxNYbloSE0SuCZhhbaY0xGyPA6X%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c45c77113e-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
loandepot.cyberincidentupdate.com/wp-content/themes/ns-fgs-ld/ 438 B
1 KB 30ms
29ms Stylesheet
text/css 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/themes/ns-fgs-ld/style.css?ver=1704918897

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

64a4a111bda44f99f3ea3fb53d2ee0c152787389a60f7a7ac9059acd3adfc30c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jan 2024 20:34:57 GMT
server: nginx
etag: W/"659eff71-1b6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04hrvoCw8u5YAlyoLnCAZjF7eP%2FErh%2F7n%2FI2yBaizo7zh1F1%2FHI5cFlPuFOwNxRtZR0yA%2FgSkacXNvCQwWwwZTlgBlvPsLqu4PfZUVY1KI63p4GjU7yjVnMqS5niifDS5Yuwwasnz6gTPYaiOX6oVfmAiw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c45de12c13-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
loandepot.cyberincidentupdate.com/wp-includes/js/jquery/ 86 KB
32 KB 92ms
91ms Script
application/javascript 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: REVALIDATED
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 06 Jan 2024 00:07:30 GMT
server: nginx
etag: W/"659899c2-15601"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2Siw%2FSNLHoX4VItqJQWY6UugxjAyiDDgturZmOXxi9oom6u%2BPmaQGgHyhIqkObqy4t4fEyX6g2jQFxYuclHOik2AJMjEfwL5mWX5ZePO63t4DM8N14U%2Fw2%2FhFhifCTXln4vk7Usjv6SEVd7SwqSw79tgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c45d736321-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
loandepot.cyberincidentupdate.com/wp-includes/js/jquery/ 13 KB
6 KB 209ms
208ms Script
application/javascript 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: REVALIDATED
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 06 Jan 2024 00:07:30 GMT
server: nginx
etag: W/"659899c2-3509"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFBrrbr6GgArpECX%2BPSAO1dJNPxFkcdYhqyfup2bXD86okM5Yu3T5tawSHDyEPq5Caj6n28kjSfqnrtKgPiKbNaE%2F9GO06a2ImQThU%2F7JXw4sN8o9dTX%2B52V2fsqud5%2FWhXqkv333A9HnyaDjmiFhyiEcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c45eb32d88-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-disclaimer-popup-public.js Show response
loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/js/ 806 B
1 KB 224ms
223ms Script
application/javascript 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/js/wp-disclaimer-popup-public.js?ver=1.1.3

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

02548d1eeff2e982503c490ad2fce9f8bc9f31c6a2a535a1961d6e3b0ca5ff59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: REVALIDATED
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Jan 2024 05:14:12 GMT
server: nginx
etag: W/"659a3324-326"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=De6OShmNa0TVEV8wkCa4sQfMvux%2FxXX9HyOSk4k5O9GQvaw9w9X3lZQKP9dXiNdABs%2FCXZ5mdLGRMxMAF2CHVRdfWUsXbTDjh%2B3tO9Lwf7Et%2FXG1hhXXQpVKM4F%2Bo6k1S5rgMz6J6gwf8PIkJc4cqEoYOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c45bfe0298-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 admin-min.js Show response
loandepot.cyberincidentupdate.com/wp-content/themes/ns-core-theme/js/ 139 B
993 B 52ms
51ms Script
application/javascript 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/themes/ns-core-theme/js/admin-min.js?ver=6.4.3

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

9a87d07465ace1dcf768a3d5538ae9348957e13280103b10e9d43281a2f0772c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.6;mv=3.0.2
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin: g1p
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jan 2024 20:34:57 GMT
server: nginx
etag: W/"659eff71-8b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csj8BZVWR7%2B6ICToScHfQUKa99foP67FlP8uKvD0pMvyIutVMKAMzjSwbyCluoX64oSTZ42KLKHz3VKiK5Gm4sWoEIvLTfP0ewgZDBuKIlEfScwVKu70NEhqtg5jFwHgL%2F5u6Lg99ifgiQCUbJFI9xoe7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 84de53118dce108c-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-loanDepot-178x35-1.svg
loandepot.cyberincidentupdate.com/wp-content/uploads/2024/01/ 25 KB
19 KB 162ms
161ms Image
image/svg+xml 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/uploads/2024/01/logo-loanDepot-178x35-1.svg

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

89dd474565a538dff1416950be42fa6dfb3733039a511c6ef5f4e9c8d5708d00

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: REVALIDATED
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Jan 2024 05:21:44 GMT
server: nginx
etag: W/"659a34e8-6281"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYYBXDbVUST9rmOzJnndvs5fzpQaHOcAmy1BZkDlcWLmAIqX4xSlEL8o3ZHJUVIK1CK11OWDvff%2BqAEH0SccxqJXlnamWAT18YjrVBoB840jjpgtRWRUBw7M102Z2OVghtUf5kUrCW7dFMbLVVy0v48dxw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c45c4422c9-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-loanDepot-white-142x28-1.svg
loandepot.cyberincidentupdate.com/wp-content/uploads/2024/01/ 14 KB
11 KB 254ms
253ms Image
image/svg+xml 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/uploads/2024/01/logo-loanDepot-white-142x28-1.svg

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

1ac17587ac81b17a5c010ce3ffcc1a200ef9462db285f673f5cdf520561369ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: REVALIDATED
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Jan 2024 05:16:24 GMT
server: nginx
etag: W/"659a33a8-3798"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78vVP1nOgXAifgxguCwe3q7eBW6plvS6ibo%2FNxsABs%2BcEuOuEIYfCPLTioc2DWbRwJHaF6QvKVdqg59zn7VS3Uqjc3rugT%2F79pOxuhiaFqlnRJdQDqZfDXgzix96ubr9zDQ9QlcNYD8JVIzeO1zJ2Wy9pg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c4582a13ff-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/js/ 20 KB
8 KB 89ms
89ms Script
application/javascript 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/js/jquery.magnific-popup.min.js?ver=1.1.3

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: REVALIDATED
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Jan 2024 05:14:12 GMT
server: nginx
etag: W/"659a3324-4ef8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEM8DDI5gYow%2FbG0fql0IH%2BmiqqBga88h0FfDqO5ZzBqrKrayB1rL%2FJZqHq3dRXKX%2F3m%2FVcCiYZQWlWk7gCB7McQ8e9NXTa63euH7hDN4dHuoZzaDwK2r%2BJQGFg1faPSHt6VXsMN7L6SYtHxMxLRkhBfsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c5ae2422c9-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js.cookie.js Show response
loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/js/ 4 KB
2 KB 93ms
92ms Script
application/javascript 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/plugins/disclaimer-popup/public/js/js.cookie.js?ver=1.1.3

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: REVALIDATED
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Jan 2024 05:14:12 GMT
server: nginx
etag: W/"659a3324-f2b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjGGsklIhneRxQXszQzYTjzUvoAfD6OJGOgTeXeI5QBalhIdLhwEnMXnE2Es%2ByEqw8Ph7oGYCb9%2FH716qlKO6NXy%2FjEjVtZZArDkiGbeuQ6FOxEx8ZNAWU0n4Lc0owW3yNwsFcnG%2FHUqvnJ82wVYJGhSDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c61af313ff-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 site-min.js Show response
loandepot.cyberincidentupdate.com/wp-content/themes/ns-fgs-ld/js/ 312 B
1 KB 96ms
95ms Script
application/javascript 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/themes/ns-fgs-ld/js/site-min.js?ver=1704918897

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

398b36a89dd380280e846cf2c99e219d776eb26150fe8fdb58330a9874453e54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
ki-origin: g1p
x-sucuri-cache: REVALIDATED
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jan 2024 20:34:57 GMT
server: nginx
etag: W/"659eff71-138"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8z7DzWwQ3Rgy3B%2FH5VPNUgOjA8BwhWV5dHp55PlSNFXNKb5x7aD9YSbBOJuUD56kWzcrdp%2FXeF6b1hYHNDVcImTIFNP3DED1c03iWW6neSroaqNEtWpqnnfUoGW1R7avaTo2aa1K4vONxqHd7UF%2FUrFFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 843f38c69b5a2a00-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK a3e128ba-4906-4396-b849-f88aefd1137b
https://loandepot.cyberincidentupdate.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://loandepot.cyberincidentupdate.com/a3e128ba-4906-4396-b849-f88aefd1137b
Requested by: Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
62 KB 120ms
63ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJ9W79N3

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61664bc32bf0120923459d3228bb11b7fba24aa2fea983e4069a62af6a8a42db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63155
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 21:29:50 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Feb 2024 22:03:58 GMT

GET
H2 200 img-banner-multimedia-1440-scaled.jpg
loandepot.cyberincidentupdate.com/wp-content/uploads/2024/01/ 49 KB
50 KB 95ms
95ms Image
image/jpeg 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loandepot.cyberincidentupdate.com/wp-content/uploads/2024/01/img-banner-multimedia-1440-scaled.jpg

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

8605369997e147452c23d8722a3c45e1b65aa01fe8ca7bc29c76180f088efba5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.5;mv=3.0.1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin: g1p
x-sucuri-cache: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 50288
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Jan 2024 05:19:13 GMT
server: nginx
etag: "659a3451-c470"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jv1UF3eYUixkSwZEJBD5OdshUBB3JGw6rW3XeZ82rhwCNa9xI138L5RUArb9B3ZTNnp77RD7I%2FrfeaT6Ee1DXX%2FvzdhDP8q6yayuKcTfqAuozkSZtoevi3ZgXFYEZjsKRDASgrfetWjphb2fPWEINspb9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 843f38c72beb2a00-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 86ms
27ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B700&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://loandepot.cyberincidentupdate.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:11:18 GMT
x-content-type-options: nosniff
age: 46360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:11:18 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 88ms
30ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Awght%40300%3B700%3B800&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://loandepot.cyberincidentupdate.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:34:03 GMT
x-content-type-options: nosniff
age: 44995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:34:03 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 116ms
58ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B700&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://loandepot.cyberincidentupdate.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:25:28 GMT
x-content-type-options: nosniff
age: 45510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:25:28 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 120ms
63ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B700&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://loandepot.cyberincidentupdate.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:25:29 GMT
x-content-type-options: nosniff
age: 45509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:25:29 GMT

GET
H2 200 wp-emoji-release.min.js Show response
loandepot.cyberincidentupdate.com/wp-includes/js/ 18 KB
5 KB 26ms
26ms Script
application/javascript 192.124.249.30
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://loandepot.cyberincidentupdate.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: loandepot.cyberincidentupdate.com
URL: https://loandepot.cyberincidentupdate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.30 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10030.sucuri.net

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
ki-edge: v=20.2.6;mv=3.0.2
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin: g1p
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 06 Jan 2024 00:07:30 GMT
server: nginx
etag: W/"659899c2-4904"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdhmLfyDnNgoYXfSMWRlGByNzdeX3D%2BDQMDxwNwclbSDheWEpUoDu%2Ffq9mqJ2K4tJpJManj6AO%2FNSW5wb8OI4QadoYgZGZTOg57iQfGrwbJm2BhLxGs2x9gBdKWQ8vm8d8yN%2BMoVjk6OVP3NmkdfT2D%2FtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-sucuri-id: 20030
ki-cache-type: None
cf-ray: 84de531bfa84108c-ORD
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 67ms
66ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JJLS3X39RS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJ9W79N3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2aaf66089e78580b7861715f36150b1a9a428e8a554713005510fd0ffffba5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 22:03:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Feb 2024 22:03:58 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
266 B 103ms
40ms Ping
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JJLS3X39RS&gtm=45je41v0v9174687717z89174685788za200&_p=1706825038709&gcd=11l1l1l1l1&npa=0&dma=0&cid=102827286.1706825039&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706825039&sct=1&seg=0&dl=https%3A%2F%2Floandepot.cyberincidentupdate.com%2F&dr=https%3A%2F%2Floandepot.cyberincidentupdate.com%2F&dt=loanDepot%20-%20Mortgage%20Lender&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=752
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJLS3X39RS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loandepot.cyberincidentupdate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 22:03:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://loandepot.cyberincidentupdate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
loandepot.cyberincidentupdate.com/	1970-01-20 18:08:31	Name: sucuri_cloudproxy_uuid_a4af2829e Value: 4045c8cf119c38002e2e759eef8f34c3
.cyberincidentupdate.com/	1970-01-21 03:43:05	Name: _ga_JJLS3X39RS Value: GS1.1.1706825039.1.0.1706825039.0.0.0
.cyberincidentupdate.com/	1970-01-21 03:43:05	Name: _ga Value: GA1.1.102827286.1706825039

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
loandepot.cyberincidentupdate.com
www.google-analytics.com
www.googletagmanager.com
192.124.249.30
2001:4860:4802:38::178
2607:f8b0:4006:80f::2008
2607:f8b0:4006:81e::2003
2607:f8b0:4006:823::200a
02548d1eeff2e982503c490ad2fce9f8bc9f31c6a2a535a1961d6e3b0ca5ff59
11343d75b42d0c0ea6c3313e7901f9e8497bb6a4a463fb70e994391fc37911d1
14ef68171b34779aefd2a52ac9b00719ae11d27b094a9e8853998d039a7f80aa
1ac17587ac81b17a5c010ce3ffcc1a200ef9462db285f673f5cdf520561369ab
3653380c55b7741b1752ba421713b5890d1afd7ea0f21da5eadd61403aa9a2ab
398b36a89dd380280e846cf2c99e219d776eb26150fe8fdb58330a9874453e54
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
46f8cce0826f2b934c7ef9af81e9667f64a36dca24ff6782e09b298e79480cbc
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b5a8afbf00b547e1e664de9b4b9a1510e6a3ea82e566ff1b4e5b346a12b8790
61664bc32bf0120923459d3228bb11b7fba24aa2fea983e4069a62af6a8a42db
64a4a111bda44f99f3ea3fb53d2ee0c152787389a60f7a7ac9059acd3adfc30c
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8605369997e147452c23d8722a3c45e1b65aa01fe8ca7bc29c76180f088efba5
89dd474565a538dff1416950be42fa6dfb3733039a511c6ef5f4e9c8d5708d00
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9a87d07465ace1dcf768a3d5538ae9348957e13280103b10e9d43281a2f0772c
c2aaf66089e78580b7861715f36150b1a9a428e8a554713005510fd0ffffba5a
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
e161b6f50760cf515e3ef1dc13eadbc76289ce1f947eb3508b701c36f582541e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

loandepot.cyberincidentupdate.com Open in urlscan Pro 192.124.249.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

96 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

6 IPs

1 Countries

389 kBTransfer

834 kBSize

3 Cookies

6 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

loandepot.cyberincidentupdate.com Open in urlscan Pro
192.124.249.30 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

96 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

389 kB
Transfer

834 kB
Size

3
Cookies

28 HTTP transactions
0 data transactions