6dtb7j2u.loanjet.us - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3031::6815:3bcd, located in United States and belongs to CLOUDFLARENET, US. The main domain is 6dtb7j2u.loanjet.us.
TLS certificate: Issued by GTS CA 1P5 on May 22nd 2024. Valid for: 3 months.

This is the only time 6dtb7j2u.loanjet.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3036::6815:1ff5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	2606:4700:303... 2606:4700:3031::6815:3bcd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2

2 2606:4700:3036::6815:1ff5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fwdto.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3031::6815:3bcd (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

6dtb7j2u.loanjet.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	loanjet.us 2 redirects 6dtb7j2u.loanjet.us	81 KB
2	fwdto.us 1 redirects fwdto.us	2 KB
6	2

	Domain	Requested by
7	6dtb7j2u.loanjet.us	2 redirects 6dtb7j2u.loanjet.us
2	fwdto.us	1 redirects 6dtb7j2u.loanjet.us
6	2

This site contains no links.

Subject Issuer	Validity	Valid
loanjet.us GTS CA 1P5	`2024-05-22` - `2024-08-20`	3 months	crt.sh
fwdto.us E1	`2024-05-22` - `2024-08-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u
Frame ID: CB929DDDC0747610A99B13539E7F89D9
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Confirm your request | loanjet.us

Page URL History Show full URLs

https://fwdto.us/6dtb7j2u HTTP 302
https://6dtb7j2u.loanjet.us/pre?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV HTTP 302
https://6dtb7j2u.loanjet.us/login?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&tok... HTTP 302
https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&... Page URL

Page Statistics

6
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

81 kB
Transfer

261 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fwdto.us/6dtb7j2u HTTP 302
https://6dtb7j2u.loanjet.us/pre?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV HTTP 302
https://6dtb7j2u.loanjet.us/login?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u HTTP 302
https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request request-confirmation Show response 6dtb7j2u.loanjet.us/ Redirect Chain https://fwdto.us/6dtb7j2u https://6dtb7j2u.loanjet.us/pre?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV https://6dtb7j2u.loanjet.us/login?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u	7 KB 2 KB	252ms 251ms	Document text/html	2606:4700:3031::6815:3bcd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3bcd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c7bdf6aa55bb8c922ce64b49fabae17f73e135789b96c4d4a0addb5bb550174` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a1c5c275eed7c9f-EWR content-encoding br content-type text/html; charset=UTF-8 date Thu, 11 Jul 2024 22:51:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w1ZNRRhUxWT3ya7nlZrZ1VYCM21n50OmmbmwB%2BMY5zpj0ce6warArjngQTPbniR2QS1KATfLxN3zkA523WqIV%2FnRVTTJA4aWPi%2FlxaMz2yTMNnHe9v4BNK8y0KP2UxbssK9sfCLPkxGD4Wmicm45wrwd"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a1c5c26be527c9f-EWR content-type text/html; charset=UTF-8 date Thu, 11 Jul 2024 22:51:45 GMT location /request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BX4oBQYRIiWjEGh4bkvzDuZcTS4OB6oRD29oZJgauo7P%2BzQPEP9Lj2V35rYAZbimyOI3V2V3VSjgTXgvkCRuotY7oEqbEhGdAjXeHieGMlAQgEwq0Z4w%2FxSAUFPOe3lCb2i6e5KNtgEOY4sIIBWR%2B0mx"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	main.css 6dtb7j2u.loanjet.us/assets/dist/	51 KB 11 KB	340ms 338ms	Stylesheet text/css	2606:4700:3031::6815:3bcd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6dtb7j2u.loanjet.us/assets/dist/main.css?34 Requested by Host: 6dtb7j2u.loanjet.us URL: https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3bcd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2d79b0e2d99f7f6dd123e6acf2cefa4eb4b6a40e758ed5600daac3942e7afbcc` Request headers Referer https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 22:51:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 14 May 2024 10:35:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66433e5f-cb66" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3xLHWY9bcETojhxYSaPgMXiJGLrGJIh6mZa9W2iUvNh7bIbKr3YwKnL6gNj3UyjKpPzlcjgOfckL5pwW6stwPhxAid5onRduv58CSmVxAiFp4uNL8eryAE4o666VO2u1fq3RtKF%2FROEpaqinaO4uFgGr"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 8a1c5c28f8907c9f-EWR alt-svc h3=":443"; ma=86400
GET H3	200	main.js Show response 6dtb7j2u.loanjet.us/assets/dist/	179 KB 59 KB	424ms 422ms	Script application/javascript	2606:4700:3031::6815:3bcd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6dtb7j2u.loanjet.us/assets/dist/main.js?34 Requested by Host: 6dtb7j2u.loanjet.us URL: https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3bcd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `07442e2d07246b3198f44a4659939b015fa3d962e9f982e3dd23e4e430d9c721` Request headers Referer https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 22:51:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 14 May 2024 10:35:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66433e5f-2ca79" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eEuQTPn8TqrBLBnPe0%2BUvwVn9ijhDJZEjYty1jsHEl%2FiCClY3oHNy8ykdbWRHUk%2B27qt3rh65H6dGTN1LwasT%2FVBUoXccYExDC%2F8tXhDn01k1RfNJdc6G1xN1BkwpM%2FuBvP3ASR5PAWAz9ROTZVaAr%2Ff"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cf-ray 8a1c5c28f8927c9f-EWR alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response fwdto.us/i/	1 KB 1 KB	253ms 234ms	Script application/javascript	2606:4700:3036::6815:1ff5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fwdto.us/i/ Requested by Host: 6dtb7j2u.loanjet.us URL: https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:1ff5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `3d5eedf3a8ebcb39d43e12cbc9c9807e92fdf501e781423b4f450e596dedf75f` Request headers Referer https://6dtb7j2u.loanjet.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 22:51:45 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 14 May 2024 10:50:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4a4-18f76b933c0" x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tIT1niISKdCy3cvY%2F2ND9RycZa%2BLYujcJBpe37QjONi4H2s%2FtAEqmzLKuXrcPc1QXganeAcu2jDriAJ9sTf5QugA0qNoZfel7xNHnSOkrc03zR7xC8X5AhsDShLFFSh0L3XjTP59MQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 cf-ray 8a1c5c291a7543c4-EWR alt-svc h3=":443"; ma=86400
GET H3	200	icons.svg 6dtb7j2u.loanjet.us/assets/images/	9 KB 4 KB	284ms 283ms	Other image/svg+xml	2606:4700:3031::6815:3bcd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6dtb7j2u.loanjet.us/assets/images/icons.svg?34 Requested by Host: 6dtb7j2u.loanjet.us URL: https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3bcd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `186379553d9b940b1f88d62103a4570146bcbe66a4e50ec07f05b8314bb3131c` Request headers Referer https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 22:51:46 GMT content-encoding br cf-cache-status MISS last-modified Tue, 14 May 2024 10:34:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66433e2e-22fe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQon0r%2FTivDTvr5qE2sSnezqQo0X6Rx1qs1RmHG2EujV2RzC6wHzFXTjSSsFat06MfZzV0aHar%2FY%2B2GFP3RgVyYzh62XNXUTeK5dxyTO9%2BshiNZ9BXY4OfJa07vB29tcUHFjMpDPIxWB6HceMZGejVFt"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cf-ray 8a1c5c2b2b207c9f-EWR alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico 6dtb7j2u.loanjet.us/assets/favicons/	15 KB 3 KB	284ms 283ms	Other image/x-icon	2606:4700:3031::6815:3bcd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6dtb7j2u.loanjet.us/assets/favicons/favicon.ico?34 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3bcd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a9bec011d0906e9ca90e01fef6f308351084571d0bbb6de26a829784ed891644` Request headers Referer https://6dtb7j2u.loanjet.us/request-confirmation?a=18&oc=1&clickid=9b8aa995-4a09-45e0-b258-b69b06dbf3be&source=3xCV&token=6dtb7j2u User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 11 Jul 2024 22:51:46 GMT content-encoding br cf-cache-status MISS last-modified Tue, 14 May 2024 10:34:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66433e2e-3aee" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VEwJ0Puhgy8R2pn2mgKBfl0qWkgx0MDwK6Hz0KXtttOcy4dbHOl0Je5obE7lUQ0UrfYFGWMSfimVKuQcNkmes%2FqDwGH2q8omgr%2Bg8LhzPwwcLv2znO%2FBW9bBx84WYVIc8mxeFVyyY5hm5J8zkcUKThdJ"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cf-ray 8a1c5c2cfd487c9f-EWR alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fwdto.us/	1970-01-20 21:59:09	Name: cid Value: 9b8aa995-4a09-45e0-b258-b69b06dbf3be
			6dtb7j2u.loanjet.us/	1970-01-20 21:59:09	Name: lblapp Value: 76e2f66fb9a7ec01dbc3a8f7c241d097

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6dtb7j2u.loanjet.us
fwdto.us
2606:4700:3031::6815:3bcd
2606:4700:3036::6815:1ff5
07442e2d07246b3198f44a4659939b015fa3d962e9f982e3dd23e4e430d9c721
186379553d9b940b1f88d62103a4570146bcbe66a4e50ec07f05b8314bb3131c
2d79b0e2d99f7f6dd123e6acf2cefa4eb4b6a40e758ed5600daac3942e7afbcc
3d5eedf3a8ebcb39d43e12cbc9c9807e92fdf501e781423b4f450e596dedf75f
4c7bdf6aa55bb8c922ce64b49fabae17f73e135789b96c4d4a0addb5bb550174
a9bec011d0906e9ca90e01fef6f308351084571d0bbb6de26a829784ed891644

6dtb7j2u.loanjet.us Open in urlscan Pro 2606:4700:3031::6815:3bcd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

81 kBTransfer

261 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

2 Cookies

Indicators

6dtb7j2u.loanjet.us Open in urlscan Pro
2606:4700:3031::6815:3bcd Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

81 kB
Transfer

261 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions