urlscan.io logo urlscan.io
SecurityTrails logo

www.gfshomeloans.com Open in urlscan Pro
13.248.165.107  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.gfs.loans/
Effective URL: https://www.gfshomeloans.com/
Submission: On November 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 39 HTTP transactions. The main IP is 13.248.165.107, located in United States and belongs to AMAZON-02, US. The main domain is www.gfshomeloans.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 22nd 2023. Valid for: a year.
This is the only time www.gfshomeloans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)
www.gfs.loans
gfs.loans
2    13.248.165.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: a598b6ef85aebb030.awsglobalaccelerator.com
www.gfshomeloans.com
10    2600:9000:21a2:c000:17:7b00:d840:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2vfmc14ehtaht.cloudfront.net
1    54.231.163.193 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
lhp-public-images.s3.amazonaws.com
3    2607:f8b0:4020:805::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
1    54.192.51.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-129.yul62.r.cloudfront.net
cdn.lenderhomepage.com
7    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
cdn.userway.org
2    2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4020:805::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:211c:6400:8:b943:e5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
d1lndjvmq55t3r.cloudfront.net
3    2607:f8b0:4020:804::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.24.20.109 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-20-109.us-west-2.compute.amazonaws.com
oov.lenderhomepagecdn.com
4    2600:1f14:5db:eb00:f204:4722:1aec:f4a4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
api.userway.org
Domain Requested by
10 d2vfmc14ehtaht.cloudfront.net www.gfshomeloans.com
d2vfmc14ehtaht.cloudfront.net
7 cdn.userway.org www.gfshomeloans.com
cdn.userway.org
4 api.userway.org cdn.userway.org
3 fonts.gstatic.com fonts.googleapis.com
3 www.gstatic.com www.google.com
3 www.google.com www.gfshomeloans.com
www.gstatic.com
2 fonts.googleapis.com d2vfmc14ehtaht.cloudfront.net
2 www.gfshomeloans.com www.gfshomeloans.com
1 oov.lenderhomepagecdn.com d1lndjvmq55t3r.cloudfront.net
1 d1lndjvmq55t3r.cloudfront.net www.gfshomeloans.com
1 cdn.lenderhomepage.com www.gfshomeloans.com
1 lhp-public-images.s3.amazonaws.com www.gfshomeloans.com
1 gfs.loans
1 www.gfs.loans 1 redirects
39 14
Subject Issuer Validity Valid
gfs.loans
R3		 2023-11-23 -
2024-02-21		 3 months crt.sh
gfshomeloans.com
Amazon RSA 2048 M02		 2023-11-22 -
2024-12-20		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
lenderhomepage.com
Amazon RSA 2048 M01		 2023-04-17 -
2024-05-15		 a year crt.sh
1667503734.rsc.cdn77.org
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.lenderhomepagecdn.com
Amazon RSA 2048 M01		 2023-08-16 -
2024-09-13		 a year crt.sh
api.userway.org
Amazon RSA 2048 M03		 2023-09-02 -
2024-09-30		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.gfshomeloans.com/
Frame ID: 57A71B8BF30AD6341C96E24AFDFEDFF8
Requests: 34 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeI6qokAAAAANmLslC-uxMj-WP32B1kdCNrFZRM&co=aHR0cHM6Ly93d3cuZ2ZzaG9tZWxvYW5zLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=2kzd1arwsf60
Frame ID: 844FF9A0D77DE6062401A6B61EF6DB6A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Right Start Mortgage

Page URL History Show full URLs

  1. https://www.gfs.loans/ HTTP 301
    https://gfs.loans/ Page URL
  2. https://www.gfshomeloans.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

39
Requests

100 %
HTTPS

69 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

2517 kB
Transfer

4077 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.gfs.loans/ HTTP 301
    https://gfs.loans/ Page URL
  2. https://www.gfshomeloans.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.gfs.loans/ HTTP 301
  • https://gfs.loans/

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
gfs.loans/
Redirect Chain
  • https://www.gfs.loans/
  • https://gfs.loans/
223 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gfs.loans/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-length
223
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 05:07:31 GMT
etag
"655eb968-df"
expires
Thu, 23 Nov 2023 05:17:31 GMT
last-modified
Thu, 23 Nov 2023 02:31:04 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
337584fe56c77b20dc2c76c654910648d4f01a57
x-github-request-id
B6D0:212A:1273C89:179E255:655EDE13
x-proxy-cache
MISS
x-served-by
cache-lga21978-LGA
x-timer
S1700716052.952884,VS0,VE41

Redirect headers

accept-ranges
bytes
age
0
content-length
162
content-type
text/html
date
Thu, 23 Nov 2023 05:07:31 GMT
location
https://gfs.loans/
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
ca18bcd2faba91621f078cce4dbb1d0d8460e74a
x-github-request-id
8656:744D:134B860:187608F:655EDE12
x-served-by
cache-lga21978-LGA
x-timer
S1700716052.896302,VS0,VE17
Primary Request /
www.gfshomeloans.com/ 		38 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gfshomeloans.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.165.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a598b6ef85aebb030.awsglobalaccelerator.com
Software
openresty /
Resource Hash
bd34da14a075c93d76299f44e9e09eb7c9040e6ac756257cd0155009e5317aec

Request headers

Referer
https://gfs.loans/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 05:07:32 GMT
server
openresty
3773fe84671bdc3225e773f7499e31ecd22d1d0e.css
d2vfmc14ehtaht.cloudfront.net/optimized/css/ 		302 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2vfmc14ehtaht.cloudfront.net/optimized/css/3773fe84671bdc3225e773f7499e31ecd22d1d0e.css
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:c000:17:7b00:d840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10e4202bdc9fd0fab7bdf9ca9c11a153747fd3b42eea552e5922b0b0a6fe79bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:05:49 GMT
content-encoding
br
via
1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
last-modified
Wed, 22 Nov 2023 16:13:28 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
25304
etag
W/"2c2656c504d1013d2269c5eb3ef452d7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
axSYBGg782r5VkPwlC59iOP345EkNWZknVeiHIAZzJym-WC97Qf_8g==
d9rZneUOzFto3hdxuXW2mW31Pbtn2i70EWmqP4gB.png
lhp-public-images.s3.amazonaws.com/sso/ 		779 KB
779 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lhp-public-images.s3.amazonaws.com/sso/d9rZneUOzFto3hdxuXW2mW31Pbtn2i70EWmqP4gB.png
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.163.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2d93989ed0f2d422b996bb9bd61e318831629e54f3e2e9e0a24397b1ccdc7934

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 05:07:33 GMT
Last-Modified
Sun, 12 Nov 2023 22:45:14 GMT
Server
AmazonS3
x-amz-request-id
NDB8A09T67HRJ1WB
ETag
"668e655531ce7a843d19a1e9550e1401"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
797620
x-amz-id-2
AOGQzPBNZUnygqzLXHZVtKvN73XUu4RwMfipaJBk/sRJf7OehuXJ9a5OEMQW4RIPOJ3gA68leL4=
phone-frame.png
d2vfmc14ehtaht.cloudfront.net/images/stackables/composite-phone/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2vfmc14ehtaht.cloudfront.net/images/stackables/composite-phone/phone-frame.png?format=webp
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:c000:17:7b00:d840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e592ea45f0672bd49377c0d6c88ab0663cb9b942f5112a03113b42047b0025c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:35:00 GMT
via
1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
last-modified
Fri, 28 Apr 2023 21:27:59 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
59553
x-amz-server-side-encryption
AES256
etag
"a89b57a1723dfc8659e6aad81baeeda9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
4658
x-amz-cf-id
dGzQ5SiPh1g0pjAtrEOH71EDZ1jP-0mjHLABOuQ5lwPxuylqTdcLOA==
phone-content.png
d2vfmc14ehtaht.cloudfront.net/images/stackables/composite-phone/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2vfmc14ehtaht.cloudfront.net/images/stackables/composite-phone/phone-content.png?format=webp
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:c000:17:7b00:d840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e16fc72f7a3fba2695867f5501cdaa8a23fca7aec9a3bce8760fb2d302b71bd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:34:59 GMT
via
1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
last-modified
Fri, 28 Apr 2023 21:27:58 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
59553
x-amz-server-side-encryption
AES256
etag
"cbe6a46a10fa03baef10adf06636346d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
7058
x-amz-cf-id
XG4gU2Uc5ANZyPaPdezpnjQ6i963qCIwuB1IFZRsshDaU2Vv0mLqSw==
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LeI6qokAAAAANmLslC-uxMj-WP32B1kdCNrFZRM
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f774e29869b160e795860bc73217ba5e33e6191149030cff9760342e1c014a70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 05:07:32 GMT
equal-housing-lender-white-outline.png
d2vfmc14ehtaht.cloudfront.net/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2vfmc14ehtaht.cloudfront.net/images/equal-housing-lender-white-outline.png?format=webp
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:c000:17:7b00:d840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d77b90e4ef412fcaa0047cfb8ba60e5174e20007148a4cd49d9af285e1e74e9c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 07:52:07 GMT
via
1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
last-modified
Sat, 22 Oct 2022 01:01:58 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
76525
etag
"0a8ccb9d8086c7b2baf8e6e0f7fc0ec4"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2306
x-amz-cf-id
AHMx4jz6yUL4YL4H40Pd8I6xY_aNLEeRbk8gnlSA7fGVLTG6yrBByA==
poweredby.png
cdn.lenderhomepage.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lenderhomepage.com/images/poweredby.png
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-129.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ade424a86f7a33999d9393d9428707e5e188afd62797a42ba5a9a47edc76b626

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:22:00 GMT
via
1.1 981fd743d9643ae0100d9c3fcfb96f78.cloudfront.net (CloudFront)
last-modified
Wed, 08 Nov 2023 23:15:31 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
67533
x-amz-server-side-encryption
AES256
etag
"198d74396c284282ba4d5b9ef33ef682"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3679
x-amz-cf-id
OLLR1nhYwEK9CtsRIM8yoB2oCHZ354uBzEtS-szhW_4l2D-cg96Ctw==
app.js
www.gfshomeloans.com/js/f03dc1cce48afaf4/ 		468 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gfshomeloans.com/js/f03dc1cce48afaf4/app.js
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.165.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a598b6ef85aebb030.awsglobalaccelerator.com
Software
openresty /
Resource Hash
eacc5419abac6abcac11473315e588c9bd47c3e5608c7abcf9e21eb6206cc9a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:07:32 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 21:38:26 GMT
server
openresty
etag
W/"655e74d2-74e28"
content-type
application/javascript
cache-control
max-age=432000
expires
Tue, 28 Nov 2023 05:07:32 GMT
widget.js
cdn.userway.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1f637d0980f60e38526eb52c1eded0301992f01976c16b8e8b6ef52d3d1f23b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Thu, 23 Nov 2023 05:07:32 GMT
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
3123
x-amz-cf-pop
PHL50-C1
age
125
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1700712929
x-77-nzt
EgwBWbuxDwH3MwwAAAwBnJI73wH3VgQAAA
x-accel-expires
@1700716529
x-77-age
4233
x-cache-lb
HIT
last-modified
Wed, 22 Nov 2023 09:51:49 GMT
server
CDN77-Turbo
etag
W/"412807eace3f18a928be08a6aa1a1395"
x-77-nzt-ray
49be14082260095514de5e65ac04e02a
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
content-type
application/javascript
x-amz-cf-id
Hb__lOgDdhsncWNROMfoG-uPQjPrKJ9PGcyxGbVt5vXzWC_P3MOa1g==
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: d2vfmc14ehtaht.cloudfront.net
URL: https://d2vfmc14ehtaht.cloudfront.net/optimized/css/3773fe84671bdc3225e773f7499e31ecd22d1d0e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2vfmc14ehtaht.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 05:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 03:33:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 05:07:33 GMT
css2
fonts.googleapis.com/ 		9 KB
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700;800&display=swap
Requested by
Host: d2vfmc14ehtaht.cloudfront.net
URL: https://d2vfmc14ehtaht.cloudfront.net/optimized/css/3773fe84671bdc3225e773f7499e31ecd22d1d0e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
04bf72ef2325c9239b6c623daf974cd3ba383b2f105b404b57544dd90d89a0d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2vfmc14ehtaht.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 05:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 04:29:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 05:07:33 GMT
fortawesome.css
d2vfmc14ehtaht.cloudfront.net/css/ 		175 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2vfmc14ehtaht.cloudfront.net/css/fortawesome.css
Requested by
Host: d2vfmc14ehtaht.cloudfront.net
URL: https://d2vfmc14ehtaht.cloudfront.net/optimized/css/3773fe84671bdc3225e773f7499e31ecd22d1d0e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:c000:17:7b00:d840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e94c59bef895d4cd0c8d7b39eb3fb04dbc8a9b78507e274771a46578ea2041d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2vfmc14ehtaht.cloudfront.net/optimized/css/3773fe84671bdc3225e773f7499e31ecd22d1d0e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 13:23:27 GMT
content-encoding
gzip
via
1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
last-modified
Mon, 20 Nov 2023 21:56:11 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
56646
x-amz-server-side-encryption
AES256
etag
W/"b28a13930e7b30a2e8cb42ab8f528950"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
c6u5aj267P-Mvya61k_OM87BaANDd5WCtxXGS4Vd46j9fQmzKLO5OQ==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 		465 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeI6qokAAAAANmLslC-uxMj-WP32B1kdCNrFZRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gfshomeloans.com/
Origin
https://www.gfshomeloans.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 06:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 06:38:23 GMT
matomo.js
d1lndjvmq55t3r.cloudfront.net/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1lndjvmq55t3r.cloudfront.net/matomo.js
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:6400:8:b943:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 04:59:31 GMT
content-encoding
gzip
via
1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
484
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Mon, 13 Feb 2023 19:03:33 GMT
server
nginx
etag
W/"63ea8985-10132"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
x-amz-cf-id
5U8Bdfkikie2zMRaX5F2oxqUpa_msj0SBmUbAklXWLLnuBq9fgpm9Q==
expires
Thu, 23 Nov 2023 05:59:29 GMT
blue-family-ownership.jpg
d2vfmc14ehtaht.cloudfront.net/images/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2vfmc14ehtaht.cloudfront.net/images/blue-family-ownership.jpg?format=webp
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:c000:17:7b00:d840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bad1aff615b8e3b5504f01b64a411a361a6c49b6f6c98ae48d38c3d9dd4b2f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:35:04 GMT
via
1.1 637dba6131a9a1e300cf019b0a0edd44.cloudfront.net (CloudFront)
last-modified
Sat, 22 Oct 2022 01:12:52 GMT
server
AmazonS3
age
59550
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
"5b9c6404162cc6b57a95caa35e8239b8"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
72302
x-amz-cf-id
Ed55tGIYLGqlAAhxmbclx8wzhJlWplReSWqlUlfBon-DcEy9KgADPQ==
cta-card-j.png
d2vfmc14ehtaht.cloudfront.net/images/stackables/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2vfmc14ehtaht.cloudfront.net/images/stackables/cta-card-j.png?format=webp
Requested by
Host: www.gfshomeloans.com
URL: https://www.gfshomeloans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:c000:17:7b00:d840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9576ed8391a6745a9fe10be667c10001cf668b591faea485cb85c9bf9247475f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:07:33 GMT
via
1.1 637dba6131a9a1e300cf019b0a0edd44.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jul 2023 21:55:32 GMT
server
AmazonS3
age
21825
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
"6fd2a18fdeedaeb819fe5c66dd19ba88"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
19168
x-amz-cf-id
nBmm10Y9cEErdZWogmS6ECZvkiYlpOllFwu_iH3wvV3bcTgnPET6Iw==
webfa-solid-900.woff2
d2vfmc14ehtaht.cloudfront.net/fonts/vendor/@fortawesome/fontawesome-pro/ 		320 KB
321 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2vfmc14ehtaht.cloudfront.net/fonts/vendor/@fortawesome/fontawesome-pro/webfa-solid-900.woff2?2f8c37423114769918ded8b5ec9ef160
Requested by
Host: d2vfmc14ehtaht.cloudfront.net
URL: https://d2vfmc14ehtaht.cloudfront.net/css/fortawesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:c000:17:7b00:d840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a

Request headers

Referer
https://d2vfmc14ehtaht.cloudfront.net/css/fortawesome.css
Origin
https://www.gfshomeloans.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 14:58:54 GMT
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
age
50920
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
327824
last-modified
Mon, 20 Nov 2023 21:56:12 GMT
server
AmazonS3
etag
"e0f1f10202002bf91422fd3768c2d744"
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
t4mM_GCCjfx9tmmWZR0xbUB5m02AX0_aOt72oao5AjMZq4LPap2nGA==
webfa-brands-400.woff2
d2vfmc14ehtaht.cloudfront.net/fonts/vendor/@fortawesome/fontawesome-pro/ 		108 KB
109 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2vfmc14ehtaht.cloudfront.net/fonts/vendor/@fortawesome/fontawesome-pro/webfa-brands-400.woff2?e24fcc1b7ece401606b1ce88f377554a
Requested by
Host: d2vfmc14ehtaht.cloudfront.net
URL: https://d2vfmc14ehtaht.cloudfront.net/css/fortawesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:c000:17:7b00:d840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e

Request headers

Referer
https://d2vfmc14ehtaht.cloudfront.net/css/fortawesome.css
Origin
https://www.gfshomeloans.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 14:59:03 GMT
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
age
50911
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
110932
last-modified
Mon, 20 Nov 2023 21:56:12 GMT
server
AmazonS3
etag
"f022fca674f561d3f3f9f187a7fa3222"
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
DtzEeDNI44LSGX5y8XVbZy26-3wonzXtZcuKnVhkuwOcGCeYaTZGnA==
webfa-regular-400.woff2
d2vfmc14ehtaht.cloudfront.net/fonts/vendor/@fortawesome/fontawesome-pro/ 		386 KB
387 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2vfmc14ehtaht.cloudfront.net/fonts/vendor/@fortawesome/fontawesome-pro/webfa-regular-400.woff2?e4bb547bebf70ca2cb4948560f59302a
Requested by
Host: d2vfmc14ehtaht.cloudfront.net
URL: https://d2vfmc14ehtaht.cloudfront.net/css/fortawesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:c000:17:7b00:d840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51

Request headers

Referer
https://d2vfmc14ehtaht.cloudfront.net/css/fortawesome.css
Origin
https://www.gfshomeloans.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:50:09 GMT
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
age
7881
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
395444
last-modified
Thu, 16 Nov 2023 00:50:57 GMT
server
AmazonS3
etag
"f3100ca1d6b8939d47fe7e23a831bcd3"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
YFdzP2698CMGraZQAZk-V59YYBVLjxCwdp8Q0rQvTeVgLQuloecw3g==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gfshomeloans.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:58:11 GMT
x-content-type-options
nosniff
age
29362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 20:58:11 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gfshomeloans.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:55:39 GMT
x-content-type-options
nosniff
age
29514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 20:55:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gfshomeloans.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:55:30 GMT
x-content-type-options
nosniff
age
29523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 20:55:30 GMT
widget_app_base_1700646578772.js
cdn.userway.org/widgetapp/2023-11-22-09-49-38/ 		135 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-11-22-09-49-38/widget_app_base_1700646578772.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
eb4fe9443246c199928a2a20d76afdb14a50cbc4aba6ea79ae7e390c1bd8a163

Request headers

Referer
https://www.gfshomeloans.com/
Origin
https://www.gfshomeloans.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Thu, 23 Nov 2023 05:07:33 GMT
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
50034
x-amz-cf-pop
PHL50-C1
age
3
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1700666019
x-77-nzt
EgwBWbuxDwH3csMAAAwBnJI73wH3IEsAAA
x-accel-expires
@1726566787
x-77-age
69266
x-cache-lb
HIT
last-modified
Wed, 22 Nov 2023 09:51:44 GMT
server
CDN77-Turbo
etag
W/"5e786c7129a8f5651515e410b12f0473"
x-77-nzt-ray
49be1408564e1f5915de5e65bb45530d
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
R79Ep-MRaX1kVjo--bUJdI8oKbxoVcsMPE5Z8mXzbUcwmjtHGUtCzA==
matomo.php
oov.lenderhomepagecdn.com/ 		0
204 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://oov.lenderhomepagecdn.com/matomo.php?action_name=Right%20Start%20Mortgage&idsite=45943&rec=1&r=247770&h=19&m=7&s=33&url=https%3A%2F%2Fwww.gfshomeloans.com%2F&urlref=https%3A%2F%2Fgfs.loans%2F&_id=fee7b7d39cb496bb&_idn=1&send_image=0&_refts=1700716053&_ref=https%3A%2F%2Fgfs.loans%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=nHqrSI&pf_net=247&pf_srv=122&pf_tfr=1&pf_dm1=525&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: d1lndjvmq55t3r.cloudfront.net
URL: https://d1lndjvmq55t3r.cloudfront.net/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.20.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-20-109.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gfshomeloans.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Thu, 23 Nov 2023 05:07:33 GMT
content-encoding
none
referrer-policy
origin
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://www.gfshomeloans.com
access-control-allow-credentials
true
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 844F 		60 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeI6qokAAAAANmLslC-uxMj-WP32B1kdCNrFZRM&co=aHR0cHM6Ly93d3cuZ2ZzaG9tZWxvYW5zLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=2kzd1arwsf60
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c4473e1b5cb0cb98951b7fb7c91eac83a6284cdb7bf1b68f8c5118dd52733fe5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vo3dxnRaquDZpvRRfp11VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gfshomeloans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Vo3dxnRaquDZpvRRfp11VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 05:07:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
che6LPcYj9
api.userway.org/api/tunings/ 		206 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/che6LPcYj9
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-11-22-09-49-38/widget_app_base_1700646578772.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:f204:4722:1aec:f4a4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ff310191f9d47df6da8c8b07e373f852b7d9efc1e325dd7a97939475fbc5cfb7

Request headers

Referer
https://www.gfshomeloans.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Nov 2023 05:07:33 GMT
etag
W/"ce-Ky4tZuc8Z5Oj3XAFB+hsWUIn9Jc"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr65544a18b590431
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
206
x-service-version
uw-pr
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 844F 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeI6qokAAAAANmLslC-uxMj-WP32B1kdCNrFZRM&co=aHR0cHM6Ly93d3cuZ2ZzaG9tZWxvYW5zLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=2kzd1arwsf60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 06:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 06:38:21 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 844F 		465 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeI6qokAAAAANmLslC-uxMj-WP32B1kdCNrFZRM&co=aHR0cHM6Ly93d3cuZ2ZzaG9tZWxvYW5zLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=2kzd1arwsf60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 06:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 06:38:23 GMT
en-US.json
cdn.userway.org/widgetapp/2023-11-22-09-49-38/locales/ 		500 B
952 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-11-22-09-49-38/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-11-22-09-49-38/widget_app_base_1700646578772.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Thu, 23 Nov 2023 05:07:33 GMT
via
1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
50034
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1700666019
x-77-nzt
EgwBWbuxDwH3csMAAAwBnJI73wH3H0sAAA
x-accel-expires
@1726566788
x-77-age
69265
x-cache-lb
HIT
last-modified
Wed, 22 Nov 2023 09:51:43 GMT
server
CDN77-Turbo
etag
W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray
49be1408564e1f5915de5e654976c22b
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
WuANR3ok1-JWzLI-44fRczhKrSxZhxz4rsFAFwORh10fFkg4675IhA==
webworker.js
www.google.com/recaptcha/api2/ Frame 844F 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeI6qokAAAAANmLslC-uxMj-WP32B1kdCNrFZRM&co=aHR0cHM6Ly93d3cuZ2ZzaG9tZWxvYW5zLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=2kzd1arwsf60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 05:07:34 GMT
remediation-tool-free.js
cdn.userway.org/remediation/free/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1700646578772
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-11-22-09-49-38/widget_app_base_1700646578772.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7f2e2714579a69e34bcba270bda00fdd56792c49f14e59dd5941d4ba957af180

Request headers

Referer
https://www.gfshomeloans.com/
Origin
https://www.gfshomeloans.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Thu, 23 Nov 2023 05:07:34 GMT
via
1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
50035
x-amz-cf-pop
PHL50-C1
age
4
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1700666019
x-77-nzt
EgwBWbuxDwH3c8MAAAwBnJI73wH3HksAAA
x-accel-expires
@1726566789
x-77-age
69265
x-cache-lb
HIT
last-modified
Wed, 22 Nov 2023 09:51:48 GMT
server
CDN77-Turbo
etag
W/"bbe746ad3322d09d2a348f58079a58bb"
x-77-nzt-ray
49be1408564e1f5916de5e65cf0f250e
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
TC7LCQ8KGlJtjm5eaDfoFiTV23NHxDxEO8rAA18mK5-PwvjyA74GAA==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Thu, 23 Nov 2023 05:07:34 GMT
via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
50035
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1700666019
x-77-nzt
Alm7sQ83Nzf/c8MAAJySO+I3Nzf/AwAAAA
x-accel-expires
@1726586016
x-77-age
50038
x-cache-lb
HIT
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray
49be14082260095516de5e6546758f0f
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
iN2OCcP54aQros02XwBZp5fUtkP8je5IeOieZkl56GAgA_z2crDhrg==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Thu, 23 Nov 2023 05:07:34 GMT
via
1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
50035
x-amz-cf-pop
PHL50-C1
age
19142
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1700666019
x-77-nzt
EgwBWbuxDwH3c8MAAAwBnJI73wH3AwAAAA
x-accel-expires
@1726586016
x-77-age
50038
x-cache-lb
HIT
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
49be14082260095516de5e6522e5930f
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
aaHpgofXLaO8pndeULTcXzP9S_3VZbcZxUD-BLhECUp7HT2PqORjXw==
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.gfshomeloans.com%2F/DESKTOP/WIDGET_OFF/ 		77 B
455 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.gfshomeloans.com%2F/DESKTOP/WIDGET_OFF/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-11-22-09-49-38/widget_app_base_1700646578772.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:f204:4722:1aec:f4a4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gfshomeloans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:07:39 GMT
etag
W/"4d-LFMdxGwYZe/xj6Qk5mJ4pvoM+ew"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-809f5266
scan_1700646578772.js
cdn.userway.org/widgetapp/2023-11-22-09-49-38/scan/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-11-22-09-49-38/scan/scan_1700646578772.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-11-22-09-49-38/widget_app_base_1700646578772.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
771b265798b85ee594754f3c9ff0fc845c2e287b6742181a4855d891b3ef1ac4

Request headers

Referer
https://www.gfshomeloans.com/
Origin
https://www.gfshomeloans.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Thu, 23 Nov 2023 05:07:39 GMT
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
50039
x-amz-cf-pop
PHL50-C1
age
19217
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1700666020
x-77-nzt
Alm7sQ83Nzf/d8MAAJySO+I3Nzf/BAAAAA
x-accel-expires
@1726586016
x-77-age
50043
x-cache-lb
HIT
last-modified
Wed, 22 Nov 2023 09:51:44 GMT
server
CDN77-Turbo
etag
W/"5f3ef1d42a27c5de1d1c341f70d833e7"
x-77-nzt-ray
49be1408564e1f591bde5e655f7c9c15
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
dwvoP0EQnNeTgBaM3ti0DvuEpM0NkQJ2hP6E0LMxwc9WCNUDs-2-PA==
contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.gfshomeloans.com%2F/DESKTOP/ 		77 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.gfshomeloans.com%2F/DESKTOP/contrib
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-11-22-09-49-38/widget_app_base_1700646578772.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:f204:4722:1aec:f4a4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Referer
https://www.gfshomeloans.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 05:07:39 GMT
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-809f5266
contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.gfshomeloans.com%2F/DESKTOP/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.gfshomeloans.com%2F/DESKTOP/contrib
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:f204:4722:1aec:f4a4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://www.gfshomeloans.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
cache-control
max-age=604800
date
Thu, 23 Nov 2023 05:07:39 GMT
x-service-version
seo-w-809f5266

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _paq object| _userway_config object| UserWayWidgetApp function| jQuery function| $ number| step undefined| currIndex function| axios object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| recaptcha object| closure_lm_581268 function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream boolean| _userway object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async

5 Cookies

Domain/Path Name / Value
www.gfshomeloans.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImRhbzRBZHVsTWNWclBJdUZnRUtNK3c9PSIsInZhbHVlIjoiUDFSMDhsUjdUaWZSUGI5dEFaZ2d2SU9QTUJqbkNBeDlleGsrN2htbTZTUnIyRVFlRTdsQzRKc21VNEMxb3FaZ0pJdU5sTGxSK2wzQmFJNnh2MlpSMTZoOGx3OC9wdTNpTEJKclY4ckhaQzlMTW85Mk1VdWR3aC83QUQxWlpkbWEiLCJtYWMiOiJjNTg2ZjZjNmFkNGM4MGQ5NzE5MzUyZGVlN2E3NDFjMWU5NjA5MTNiNTFjNjA0MGEyZDc0YmYwOGFhMjUyZmU0IiwidGFnIjoiIn0%3D
www.gfshomeloans.com/ Name: blueprint_session
Value: eyJpdiI6ImZmeDhrdjg4LzM5VytuREF1UENucFE9PSIsInZhbHVlIjoialBGaFNzYmN1R0ZxL216RGplM3I4eGhEOS93d05aQ1luRGR4bHR5SFR5Tmo5aEtkaTlzUW1VNlNYekUxTjFrcGx6N3V1QWV4eGVkKyt2aHk3MlJESVU5VHdDUzVVVW5BbjhyNi9FV0xLUWM5eVVkdjdUYXdheldEaFl0Tm1MOWMiLCJtYWMiOiI0NmE5YzMwNDY2N2RmNWM3NWM0MWNhYjNmZTk5OTY1YWEyZThiZWZkYjAzNjk4ZTUxNjM2NWNmYTc1Nzc3Yzg2IiwidGFnIjoiIn0%3D
www.gfshomeloans.com/ Name: _pk_ref.45943.15f5
Value: %5B%22%22%2C%22%22%2C1700716053%2C%22https%3A%2F%2Fgfs.loans%2F%22%5D
www.gfshomeloans.com/ Name: _pk_id.45943.15f5
Value: fee7b7d39cb496bb.1700716053.
www.gfshomeloans.com/ Name: _pk_ses.45943.15f5
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.lenderhomepage.com
cdn.userway.org
d1lndjvmq55t3r.cloudfront.net
d2vfmc14ehtaht.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gfs.loans
lhp-public-images.s3.amazonaws.com
oov.lenderhomepagecdn.com
www.gfs.loans
www.gfshomeloans.com
www.google.com
www.gstatic.com
13.248.165.107
2600:1f14:5db:eb00:f204:4722:1aec:f4a4
2600:9000:211c:6400:8:b943:e5c0:93a1
2600:9000:21a2:c000:17:7b00:d840:93a1
2606:50c0:8002::153
2607:f8b0:4020:804::2003
2607:f8b0:4020:805::2003
2607:f8b0:4020:805::2004
2607:f8b0:4020:807::200a
2a02:6ea0:c400::12
52.24.20.109
54.192.51.129
54.231.163.193
04bf72ef2325c9239b6c623daf974cd3ba383b2f105b404b57544dd90d89a0d9
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e
10e4202bdc9fd0fab7bdf9ca9c11a153747fd3b42eea552e5922b0b0a6fe79bb
1f637d0980f60e38526eb52c1eded0301992f01976c16b8e8b6ef52d3d1f23b9
2d93989ed0f2d422b996bb9bd61e318831629e54f3e2e9e0a24397b1ccdc7934
2e592ea45f0672bd49377c0d6c88ab0663cb9b942f5112a03113b42047b0025c
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
771b265798b85ee594754f3c9ff0fc845c2e287b6742181a4855d891b3ef1ac4
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7f2e2714579a69e34bcba270bda00fdd56792c49f14e59dd5941d4ba957af180
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
8bad1aff615b8e3b5504f01b64a411a361a6c49b6f6c98ae48d38c3d9dd4b2f1
9576ed8391a6745a9fe10be667c10001cf668b591faea485cb85c9bf9247475f
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
ade424a86f7a33999d9393d9428707e5e188afd62797a42ba5a9a47edc76b626
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51
bd34da14a075c93d76299f44e9e09eb7c9040e6ac756257cd0155009e5317aec
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
c4473e1b5cb0cb98951b7fb7c91eac83a6284cdb7bf1b68f8c5118dd52733fe5
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d77b90e4ef412fcaa0047cfb8ba60e5174e20007148a4cd49d9af285e1e74e9c
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
e16fc72f7a3fba2695867f5501cdaa8a23fca7aec9a3bce8760fb2d302b71bd2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94c59bef895d4cd0c8d7b39eb3fb04dbc8a9b78507e274771a46578ea2041d1
eacc5419abac6abcac11473315e588c9bd47c3e5608c7abcf9e21eb6206cc9a7
eb4fe9443246c199928a2a20d76afdb14a50cbc4aba6ea79ae7e390c1bd8a163
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f774e29869b160e795860bc73217ba5e33e6191149030cff9760342e1c014a70
ff310191f9d47df6da8c8b07e373f852b7d9efc1e325dd7a97939475fbc5cfb7