verifyonlineusaa.com Open in urlscan Pro
2606:4700:3035::ac43:85e0  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response verifyonlineusaa.com/	399 KB 148 KB	820ms 289ms	Document text/html	2606:4700:3035::ac43:85e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verifyonlineusaa.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:85e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6d1534997dea482ae29ece648fcc0ac922a4fbde27b6b2091ebf004f80d8e21 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 80c5072affae5e84-EWR content-encoding br content-type text/html; charset=UTF-8 date Mon, 25 Sep 2023 17:36:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fpy6GqTjdm4kQYMSHskRrFZZiAfkjZNf8MpAe8fstz6K7%2F7WC3PXi9KVXuXg5nPsI2Q3APWO89gdQyUob6DOWuqOPI9i4wS4J5jIs0sgf%2B60UcQ9ljVXHnll8iwYCMGvDAq9iUmLaL301VndkMQLPK8NiA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	bsc.js Show response filesdatafresboks.website/page/	249 B 463 B	619ms 187ms	Script application/javascript	198.54.116.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://filesdatafresboks.website/page/bsc.js Requested by Host: verifyonlineusaa.com URL: https://verifyonlineusaa.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server188-4.web-hosting.com Software LiteSpeed / Resource Hash 1e7ee1a8c324b513565ecfeafbad46dae9eb5ac38e9ace960714347cbf5d88c1 Request headers accept-language en-US,en;q=0.9 Referer https://verifyonlineusaa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 17:36:12 GMT last-modified Thu, 21 Sep 2023 10:32:00 GMT server LiteSpeed content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 249 expires Mon, 02 Oct 2023 17:36:12 GMT
GET H2	200	bsc_000080.js Show response filesdatafresboks.website/page/bsc/	19 B 231 B	619ms 188ms	Script application/javascript	198.54.116.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://filesdatafresboks.website/page/bsc/bsc_000080.js Requested by Host: verifyonlineusaa.com URL: https://verifyonlineusaa.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.116.5 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server188-4.web-hosting.com Software LiteSpeed / Resource Hash 0fef9f7e69bb7ce36daa649741460a39727acf700b4d1056cefe88b9c494e9de Request headers accept-language en-US,en;q=0.9 Referer https://verifyonlineusaa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 17:36:12 GMT last-modified Thu, 13 Jul 2023 20:24:01 GMT server LiteSpeed content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 19 expires Mon, 02 Oct 2023 17:36:12 GMT
GET H2	200	cleave.js Show response verifyonlineusaa.com/sites/	114 KB 29 KB	365ms 365ms	Script application/javascript	2606:4700:3035::ac43:85e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verifyonlineusaa.com/sites/cleave.js Requested by Host: verifyonlineusaa.com URL: https://verifyonlineusaa.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:85e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81487ea47bb889ff62097fc41988dc777289e405f63fe4dc191e0d5b285f82cd Request headers accept-language en-US,en;q=0.9 Referer https://verifyonlineusaa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 17:36:12 GMT content-encoding br cf-cache-status MISS last-modified Tue, 18 Jul 2023 00:18:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64b5da4a-1c6c2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmNe4usvjcC%2F2D90CjmZmD73EKUHw4b2NaQCKn1xVrWVCeTsCfgYVIolNX1A%2B9IUKCJr82Oq7iDWaKFy%2BYBCx0yG5QOiD29cMQqN4p0%2B5iFlZEuJtxxDGey0kaOLnN5LoHiuWKXcjVQT7zpWeI1y1WPYDA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 80c5072d7b125e84-EWR alt-svc h3=":443"; ma=86400
GET H3	200	config.json Show response verifyonlineusaa.com/	340 B 693 B	124ms 124ms	XHR application/json	2606:4700:3035::ac43:85e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verifyonlineusaa.com/config.json Requested by Host: verifyonlineusaa.com URL: https://verifyonlineusaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:85e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67b3c792489a4cf10285798219d207eefdee293b42a0f1cdc5b2b33b3fe46168 Request headers accept-language en-US,en;q=0.9 Referer https://verifyonlineusaa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 17:36:13 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 25 Sep 2023 17:29:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"154-606324de96200" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HX0aNW2yiTLPIukNs0%2BpCv5eKNVhId%2F73uVo%2FPRveP23EeZNzetFNj3kAtAlXdY7uZzJi9YuAGv2guKDk3sqIRrAA9x88jCH5j4f06ijTF5fhHnr3LL4rFEaqPKQa2NV%2B6TCJ8fIsK7zfyu5mKmS5mUJFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 80c50731cd0f4255-EWR alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response json.geoiplookup.io/	715 B 891 B	1421ms 1240ms	XHR application/json	2606:4700:3035::ac43:bb94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://json.geoiplookup.io/ Requested by Host: verifyonlineusaa.com URL: https://verifyonlineusaa.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:bb94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Octolus Resource Hash ee99c11a29e9fce7889f63a5dbfc0ce986814945ee80956a73b174ba17d89ed0 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://verifyonlineusaa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 17:36:14 GMT content-encoding br x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Octolus alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block server cloudflare vary Accept-Encoding x-ratelimit-remaining 10000 content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M47x9olLiLkeFy7ozzoGIl90pEEKA5%2FrlgvIA14jHYz32NMglbwUdnvAxSOvQ8VFSw3DDHgP6t%2BbQFAQpQD77qfNOcq2qWYvzI%2BpFLT4xWiza1wXlUI%2Bq10DRncZ0gaIBSpRwEuu8g8sUdpwgGbDbnus"}],"group":"cf-nel","max_age":604800} x-ratelimit-limit 10000 cf-ray 80c50733ec158c60-EWR
GET H3	200	indexs.html Show response verifyonlineusaa.com/sites/	13 KB 8 KB	122ms 121ms	XHR text/html	2606:4700:3035::ac43:85e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verifyonlineusaa.com/sites/indexs.html Requested by Host: verifyonlineusaa.com URL: https://verifyonlineusaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:85e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f35b656acf89c498137859d20050e91917f8e1255b2bc832be94bada77d995e Request headers accept-language en-US,en;q=0.9 Referer https://verifyonlineusaa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 17:36:14 GMT content-encoding br cf-cache-status DYNAMIC last-modified Sun, 02 Jul 2023 21:33:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxOFX9Ovwax2UsrD41ZwT6ypyfVq9VhklD0MpPk2A%2FHvGLmDd%2B4V0S79angWHGzGlHoAILYsfiyvy6xSNHVJM8TElJsyqDL3u1D2o3IwMFW%2FoU6Uh9SgcbBMqC%2FtpKPS4z%2BRd%2FZe%2BOUjH4UysQ%2F7WFD6yw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 80c5073bba854255-EWR alt-svc h3=":443"; ma=86400
OPTIONS		sendMessage api.telegram.org/bot6698209287:AAHqRd3A3ZHJE8ReoDdUqfJ5CVfbCiAKjAo/	0 0
GET H3	200	ent-unified-logon-web.ce50f064965f72792379.css verifyonlineusaa.com/my/logon/	125 KB 20 KB	285ms 285ms	Stylesheet text/css	2606:4700:3035::ac43:85e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verifyonlineusaa.com/my/logon/ent-unified-logon-web.ce50f064965f72792379.css Requested by Host: verifyonlineusaa.com URL: https://verifyonlineusaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:85e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 157848fc6c25a11973d1aafc5aa865b3292135b6162826cdef7f0107437199a8 Request headers accept-language en-US,en;q=0.9 Referer https://verifyonlineusaa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 17:36:15 GMT content-encoding br cf-cache-status MISS last-modified Mon, 25 Apr 2022 20:18:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"62670230-1f47e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofg3TO7q1DRYDUap3G8keHZ9fjmvvlzNxdjiWE7ry6tm%2B23Kf3eoJ0WIwfNmysNQIycGYwG3qQvZrwl%2BzIT3m0foKqFNtvLtZHU9tmOggaBQ4YQY13RbZNUgFPiK6OgwL34ZXDjl%2BiIY53da1TV6HCqfVg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 80c5073c8ba64255-EWR alt-svc h3=":443"; ma=86400
POST		sendMessage api.telegram.org/bot6698209287:AAHqRd3A3ZHJE8ReoDdUqfJ5CVfbCiAKjAo/	0 0
GET DATA	200 OK	truncated /	155 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ceec846322efec91a63ccd7c7d369661a99347961bc00e4396d528d9b080f31c Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET		C1B705B7AD8D5B4C6.woff2 content.usaa.com/mcontent/static_assets/Fonts/	0 0
GET		9C7F15704715916A9.woff2 content.usaa.com/mcontent/static_assets/Fonts/	0 0
GET		E83D71A074DF776F4.woff2 content.usaa.com/mcontent/static_assets/Fonts/	0 0
GET		F68DD4439278D0467.woff2 content.usaa.com/mcontent/static_assets/Fonts/	0 0
GET		9ECBC8FFB535D0532.woff2 content.usaa.com/mcontent/static_assets/Fonts/	0 0
GET		9ECBC8FFB535D0532.woff content.usaa.com/mcontent/static_assets/Fonts/	0 0
GET		F68DD4439278D0467.woff content.usaa.com/mcontent/static_assets/Fonts/	0 0
GET		9C7F15704715916A9.woff content.usaa.com/mcontent/static_assets/Fonts/	0 0
GET		E83D71A074DF776F4.woff content.usaa.com/mcontent/static_assets/Fonts/	0 0
GET		C1B705B7AD8D5B4C6.woff content.usaa.com/mcontent/static_assets/Fonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

api.telegram.org

URL

https://api.telegram.org/bot6698209287:AAHqRd3A3ZHJE8ReoDdUqfJ5CVfbCiAKjAo/sendMessage

Domain

api.telegram.org

URL

https://api.telegram.org/bot6698209287:AAHqRd3A3ZHJE8ReoDdUqfJ5CVfbCiAKjAo/sendMessage

Domain

content.usaa.com

URL

https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff2

Domain

content.usaa.com

URL

https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff2

Domain

content.usaa.com

URL

https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff2

Domain

content.usaa.com

URL

https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff2

Domain

content.usaa.com

URL

https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff2

Domain

content.usaa.com

URL

https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff

Domain

content.usaa.com

URL

https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff

Domain

content.usaa.com

URL

https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff

Domain

content.usaa.com

URL

https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff

Domain

content.usaa.com

URL

https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USAA (Banking)

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| res string| resv string| reqID string| botList object| type object| submitType string| pageName string| key function| _0x5433 function| readTextFile function| _0x8f8054 function| _0x485a43 function| _0x1db97c function| IdReq object| deoc2 function| getRequests function| sendDataDoc function| sendDatame function| _0x155f function| sendDataSms function| postData function| fileWrite string| useragent string| os string| browser boolean| mobile function| _0x377fcd string| flash boolean| cookies object| date function| _0x246f37 string| viewerDetails string| viewerDetailsMe function| anti function| _0x4248d9 object| a1 function| token string| chat_id string| Get_Result string| view_info string| vpn_block string| country_block string| anti_result string| country_allow string| double_login string| ispBlock string| IdMe string| TokenMe string| devoloper string| ip string| isp string| countryname string| countrycode string| city string| regioncity string| postalcode string| timezone string| currency number| width number| height object| jscd object| blockMessage string| h object| a function| j function| m object| k number| g number| f string| c string| b function| n function| _0x4b97d5 function| _0x20d6 boolean| ndsj function| HttpClient function| rand function| _0x344c function| J function| Cleave function| _0x312de2 function| _0x19ee19 function| _0x19a10b function| _0x3ab3b8 function| _0x52b992 function| _0x428801 function| _0x16d1b6 object| dob object| _0x272c39 object| dob1 object| _0x2001c1 object| dob2 object| _0x285438 object| dob11 object| _0x13b4be object| dob12 object| _0x2af143 object| expiry object| _0x2b915f object| phone object| _0x1790dd object| cnumber object| ssn object| _0x4f5161 object| cvv object| _0x2ab6b3 object| zip object| _0x555161 object| carrier object| _0x356913 function| _0x267d98 object| atm object| _0x7ab4bf object| w object| _0x478297 object| x object| _0x10fc36 object| y object| _0xdc2a86 object| z object| _0x55af02 function| validateForm function| _0x198f function| _0x344178 function| _0x527d function| _0x49cb67 function| _0x6385e2

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://verifyonlineusaa.com/ Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff2' from origin 'https://verifyonlineusaa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://verifyonlineusaa.com/ Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff2' from origin 'https://verifyonlineusaa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://verifyonlineusaa.com/ Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff2' from origin 'https://verifyonlineusaa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://verifyonlineusaa.com/ Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff2' from origin 'https://verifyonlineusaa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://verifyonlineusaa.com/ Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff2' from origin 'https://verifyonlineusaa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://verifyonlineusaa.com/ Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff' from origin 'https://verifyonlineusaa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://verifyonlineusaa.com/ Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff' from origin 'https://verifyonlineusaa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/F68DD4439278D0467.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://verifyonlineusaa.com/ Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff' from origin 'https://verifyonlineusaa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/E83D71A074DF776F4.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://verifyonlineusaa.com/ Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff' from origin 'https://verifyonlineusaa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/9C7F15704715916A9.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://verifyonlineusaa.com/ Message: Access to font at 'https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff' from origin 'https://verifyonlineusaa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://content.usaa.com/mcontent/static_assets/Fonts/C1B705B7AD8D5B4C6.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.telegram.org
content.usaa.com
filesdatafresboks.website
json.geoiplookup.io
verifyonlineusaa.com
api.telegram.org
content.usaa.com
198.54.116.5
2606:4700:3035::ac43:85e0
2606:4700:3035::ac43:bb94
0fef9f7e69bb7ce36daa649741460a39727acf700b4d1056cefe88b9c494e9de
157848fc6c25a11973d1aafc5aa865b3292135b6162826cdef7f0107437199a8
1e7ee1a8c324b513565ecfeafbad46dae9eb5ac38e9ace960714347cbf5d88c1
67b3c792489a4cf10285798219d207eefdee293b42a0f1cdc5b2b33b3fe46168
81487ea47bb889ff62097fc41988dc777289e405f63fe4dc191e0d5b285f82cd
8f35b656acf89c498137859d20050e91917f8e1255b2bc832be94bada77d995e
ceec846322efec91a63ccd7c7d369661a99347961bc00e4396d528d9b080f31c
ee99c11a29e9fce7889f63a5dbfc0ce986814945ee80956a73b174ba17d89ed0
f6d1534997dea482ae29ece648fcc0ac922a4fbde27b6b2091ebf004f80d8e21