www.opusloans.co.uk Open in urlscan Pro
52.178.212.17 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.opusloans.co.uk/portal
Submission Tags: @phishunt_io
Submission: On September 24 via api (September 24th 2021, 6:47:53 pm UTC) from DE — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 8 HTTP transactions. The main IP is 52.178.212.17, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.opusloans.co.uk.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on September 7th 2020. Valid for: a year.

This is the only time www.opusloans.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.178.212.17 52.178.212.17	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
1	13.69.186.152 13.69.186.152	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.133.178.180 18.133.178.180	16509 (AMAZON-02) (AMAZON-02)
1	13.107.246.44 13.107.246.44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.253.44 13.107.253.44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.213.44 13.107.213.44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
8	8

1 52.178.212.17 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.opusloans.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.69.186.152 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.newday.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.178.180 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-178-180.eu-west-2.compute.amazonaws.com

fluid.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.246.44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.aquacard.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.253.44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

applynow2.marbles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.213.44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.opuscard.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.163 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	gstatic.com fonts.gstatic.com	44 KB
1	opuscard.co.uk www.opuscard.co.uk	2 KB
1	marbles.com applynow2.marbles.com	3 KB
1	aquacard.co.uk www.aquacard.co.uk	5 KB
1	fluid.co.uk fluid.co.uk	12 KB
1	newday.co.uk www.newday.co.uk	9 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	opusloans.co.uk www.opusloans.co.uk	6 KB
8	8

	Domain	Requested by
1	fonts.gstatic.com	fonts.googleapis.com
1	www.opuscard.co.uk	www.opusloans.co.uk
1	applynow2.marbles.com	www.opusloans.co.uk
1	www.aquacard.co.uk	www.opusloans.co.uk
1	fluid.co.uk	www.opusloans.co.uk
1	www.newday.co.uk	www.opusloans.co.uk
1	fonts.googleapis.com	www.opusloans.co.uk
1	www.opusloans.co.uk
8	8

This site contains no links.

Subject Issuer	Validity	Valid
www.opusloans.co.uk GlobalSign RSA OV SSL CA 2018	`2020-09-07` - `2021-10-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.newday.co.uk Sectigo RSA Domain Validation Secure Server CA	`2021-09-02` - `2022-10-02`	a year	crt.sh
fluid.co.uk DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-09-13`	a year	crt.sh
www.aquacard.co.uk GlobalSign Extended Validation CA - SHA256 - G3	`2019-10-21` - `2021-11-20`	2 years	crt.sh
applynow2.marbles.com GlobalSign Extended Validation CA - SHA256 - G3	`2020-04-28` - `2022-06-08`	2 years	crt.sh
www.opuscard.co.uk GlobalSign Extended Validation CA - SHA256 - G3	`2021-07-30` - `2022-08-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.opusloans.co.uk/portal
Frame ID: 62C19739D309420AB7A6EED0CA9258C8
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thank you for contacting NewDay

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

82 kB
Transfer

111 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request portal Show response
www.opusloans.co.uk/ 27 KB
6 KB 461ms
47ms Document
text/html 52.178.212.17
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.opusloans.co.uk/portal

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.178.212.17 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

17c394ba474abf4b3b5f0f2e36711db6071a3b7f8ccdb7d2768a0392520be079

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: https://dc.services.visualstudio.com https://www.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://o2.mouseflow.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/api2/v1559543665173/recaptcha__en.js .visualwebsiteoptimizer.com .typekit.net .vo.msecnd.net www.googletagmanager.com tagmanager.google.com https://cdn.mouseflow.com https://www.googleadservices.com https://.cloudfront.net https://connect.facebook.net https://c5.adalyser.com https://s.yimg.com https://bat.bing.com https://sp.analytics.yahoo.com; style-src * 'self' 'unsafe-inline' ; img-src * ; font-src 'self' data: https://fonts.gstatic.com https://*.typekit.net; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.opusloans.co.uk
:scheme: https
:path: /portal
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: private
content-length: 5109
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
request-context: appId=cid-v1:f914376d-6590-4d94-9021-04327b3bace4
access-control-expose-headers: Request-Context
expect-ct: enforce, max-age=86400, report-uri='https://www.pentestpartners.com/report'
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' data: https://dc.services.visualstudio.com https://www.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://o2.mouseflow.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/api2/v1559543665173/recaptcha__en.js *.visualwebsiteoptimizer.com *.typekit.net *.vo.msecnd.net www.googletagmanager.com tagmanager.google.com https://cdn.mouseflow.com https://www.googleadservices.com https://*.cloudfront.net https://connect.facebook.net https://c5.adalyser.com https://s.yimg.com https://bat.bing.com https://sp.analytics.yahoo.com; style-src * 'self' 'unsafe-inline' ; img-src * ; font-src 'self' data: https://fonts.gstatic.com https://*.typekit.net; object-src 'self' blob:;
strict-transport-security: max-age=31536000; includeSubDomains
set-cookie: ARRAffinity=dfe204985d60020443d40d713d1edf4d185b36a773d4908315d2271732a6d1f4;Path=/;HttpOnly;Secure;Domain=www.opusloans.co.uk ARRAffinitySameSite=dfe204985d60020443d40d713d1edf4d185b36a773d4908315d2271732a6d1f4;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.opusloans.co.uk
date: Fri, 24 Sep 2021 18:47:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 93ms
32ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap

Requested by

Host: www.opusloans.co.uk
URL: https://www.opusloans.co.uk/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

24d38ffafe555e5e99d87f14a1af8b17f927ae22a16cc632a3efe457fe52d749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 17:58:51 GMT
server: ESF
date: Fri, 24 Sep 2021 18:47:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Sep 2021 18:47:49 GMT

GET
H/1.1 200
OK nd-logo.svg
www.newday.co.uk/img/ 13 KB
9 KB 325ms
40ms Image
image/svg+xml 13.69.186.152
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newday.co.uk/img/nd-logo.svg

Requested by

Host: www.opusloans.co.uk
URL: https://www.opusloans.co.uk/portal

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.186.152 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ccfb76e4beaf7261c4c35c6993737911a5706e325d9235188ffb5c448b5baa66

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' 'report-sample' 'self' https://careers.static.pageuppeople.com/ https://careers.pageuppeople.com/ https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/api.js https://careers.static.pageuppeople.com/ https://www.youtube.com/ https://ajax.googleapis.com/ https://f.vimeocdn.com/ https://www.youtube.com/iframe_api https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://cc.cdn.civiccomputing.com/ http://cdnjs.cloudflare.com/ajax/libs/ https://tools.eurolandir.com/ https://maps.googleapis.com/ http://s7.addthis.com/js/300/addthis_widget.js z.moatads.com v1.addthisedge.com m.addthis.com tools.euroland.com ajax.aspnetcdn.com; style-src 'report-sample' 'unsafe-inline' 'self' https://fonts.googleapis.com http://hello.myfonts.net; object-src 'none'; base-uri 'self'; connect-src 'self' https://apikeys.civiccomputing.com/ https://clapi.civiccomputing.com/ https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://www.googletagmanager.com/ m.addthis.com; font-src 'self' https://fonts.gstatic.com; frame-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google.com/ https://tools.eurolandir.com/ https://player.vimeo.com/ https://www.youtube.com/ https://my.matterport.com/ s7.addthis.com gamma.euroland.com; img-src 'self' 'unsafe-inline' 'unsafe-eval' https://i.vimeocdn.com/ https://www.googletagmanager.com/a https://www.googletagmanager.com/ https://dashboard.umbraco.org https://www.google-analytics.com/ https://www.google.co.uk/ https://accounts.google.co.uk/ https://maps.googleapis.com https://emperor.works/; manifest-src 'self'; media-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.opusloans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 5386
X-XSS-Protection: 1; mode=block
X-UA-Compatible: ie=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Jun 2021 07:50:00 GMT
Date: Fri, 24 Sep 2021 18:47:48 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Permissions-Policy: microphone=(), payment=(), sync-xhr=(self)
ETag: "0c4e0abb61d71:0"
Content-Security-Policy: default-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' 'report-sample' 'self' https://careers.static.pageuppeople.com/ https://careers.pageuppeople.com/ https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/api.js https://careers.static.pageuppeople.com/ https://www.youtube.com/ https://ajax.googleapis.com/ https://f.vimeocdn.com/ https://www.youtube.com/iframe_api https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/ https://cc.cdn.civiccomputing.com/ http://cdnjs.cloudflare.com/ajax/libs/ https://tools.eurolandir.com/ https://maps.googleapis.com/ http://s7.addthis.com/js/300/addthis_widget.js z.moatads.com v1.addthisedge.com m.addthis.com tools.euroland.com ajax.aspnetcdn.com; style-src 'report-sample' 'unsafe-inline' 'self' https://fonts.googleapis.com http://hello.myfonts.net; object-src 'none'; base-uri 'self'; connect-src 'self' https://apikeys.civiccomputing.com/ https://clapi.civiccomputing.com/ https://www.google-analytics.com/ https://stats.g.doubleclick.net/ https://www.googletagmanager.com/ m.addthis.com; font-src 'self' https://fonts.gstatic.com; frame-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google.com/ https://tools.eurolandir.com/ https://player.vimeo.com/ https://www.youtube.com/ https://my.matterport.com/ s7.addthis.com gamma.euroland.com; img-src 'self' 'unsafe-inline' 'unsafe-eval' https://i.vimeocdn.com/ https://www.googletagmanager.com/a https://www.googletagmanager.com/ https://dashboard.umbraco.org https://www.google-analytics.com/ https://www.google.co.uk/ https://accounts.google.co.uk/ https://maps.googleapis.com https://emperor.works/; manifest-src 'self'; media-src 'self';
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization

GET
H2 200 fl-logo--purple.svg
fluid.co.uk/homepage-assets/svg/ 11 KB
12 KB 114ms
40ms Image
image/svg+xml 18.133.178.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fluid.co.uk/homepage-assets/svg/fl-logo--purple.svg

Requested by

Host: www.opusloans.co.uk
URL: https://www.opusloans.co.uk/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.133.178.180 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-178-180.eu-west-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

b4eb79a6b0ac56a4aabcc9f223382db571dec8ffe9cb435bd09b934ea39cb697

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.opusloans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 18:47:49 GMT
etag: W/"2d6e-17bcf3b53e8"
last-modified: Fri, 10 Sep 2021 10:22:57 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11630

GET
H2 200 aqua-logo.png
www.aquacard.co.uk/assets/img/ 5 KB
5 KB 446ms
13ms Image
image/png 13.107.246.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aquacard.co.uk/assets/img/aqua-logo.png
Requested by: Host: www.opusloans.co.uk
URL: https://www.opusloans.co.uk/portal
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.246.44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 92043390002b28eca5180788fbec1a5d0888197d211a79216cdf3948bdab75c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.opusloans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 18:47:48 GMT
last-modified: Tue, 27 Jul 2021 20:02:32 GMT
x-azure-ref-originshield: 0kRVMYQAAAADJWEDmk2Q/QYyxZCJuxH6ATE9OMjFFREdFMDExNQAxMWIxNGM2NC0xN2YzLTQ5YmYtOTI2MS1kYjgxNDFmYThlMjM=
etag: "03ca9552283d71:0"
x-azure-ref: 0VR1OYQAAAAChmgUBeSDcQ5iK0dZWg4VYRlJBMzFFREdFMDMxNgAxMWIxNGM2NC0xN2YzLTQ5YmYtOTI2MS1kYjgxNDFmYThlMjM=
x-cache: TCP_HIT
content-type: image/png
access-control-expose-headers: Request-Context
cache-control: public,max-age=604800
accept-ranges: bytes
content-length: 4676
request-context: appId=cid-v1:86253034-5759-4c6e-ba7c-848cc9af4d4a

GET
H2 200 marblesLogo.svg
applynow2.marbles.com/assets/marbles/images/ 3 KB
3 KB 273ms
26ms Image
image/svg+xml 13.107.253.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://applynow2.marbles.com/assets/marbles/images/marblesLogo.svg

Requested by

Host: www.opusloans.co.uk
URL: https://www.opusloans.co.uk/portal

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.253.44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3c8c7673507621a92863004a3b2686fec2c8c9b3e1578f83ea6acf3836d650da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dev.visualwebsiteoptimizer.com/ https://h.online-metrix.net/ https://www.tag4arm.com https://stats.g.doubleclick.net/ .doubleclick.net https://scontent.marbles.com/ https://dc.services.visualstudio.com https://o2.mouseflow.com https://servedby.flashtalking.com/ https://www.google-analytics.com/ https://s.yimg.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dev.visualwebsiteoptimizer.com/ https://scontent.marbles.com/ https://googleads.g.doubleclick.net/ www.google-analytics.com ajax.googleapis.com .typekit.net .vo.msecnd.net www.googletagmanager.com tagmanager.google.com https://dev.visualwebsiteoptimizer.com https://cdn.mouseflow.com https://www.googleadservices.com https://.cloudfront.net https://connect.facebook.net https://c5.adalyser.com https://s.yimg.com https://bat.bing.com https://sp.analytics.yahoo.com https://www.tag4arm.com https://sc-static.net/scevent.min.js; style-src * 'self' 'unsafe-inline' https://use.fontawesome.com/; img-src * data: ; font-src 'self' data: https://fonts.gstatic.com https://*.typekit.net https://use.fontawesome.com/; object-src 'self' blob: https://scontent.marbles.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.opusloans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dev.visualwebsiteoptimizer.com/ https://h.online-metrix.net/ https://www.tag4arm.com https://stats.g.doubleclick.net/ *.doubleclick.net https://scontent.marbles.com/ https://dc.services.visualstudio.com https://o2.mouseflow.com https://servedby.flashtalking.com/ https://www.google-analytics.com/ https://s.yimg.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dev.visualwebsiteoptimizer.com/ https://scontent.marbles.com/ https://googleads.g.doubleclick.net/ www.google-analytics.com ajax.googleapis.com *.typekit.net *.vo.msecnd.net www.googletagmanager.com tagmanager.google.com https://dev.visualwebsiteoptimizer.com https://cdn.mouseflow.com https://www.googleadservices.com https://*.cloudfront.net https://connect.facebook.net https://c5.adalyser.com https://s.yimg.com https://bat.bing.com https://sp.analytics.yahoo.com https://www.tag4arm.com https://sc-static.net/scevent.min.js; style-src * 'self' 'unsafe-inline' https://use.fontawesome.com/; img-src * data: ; font-src 'self' data: https://fonts.gstatic.com https://*.typekit.net https://use.fontawesome.com/; object-src 'self' blob: https://scontent.marbles.com/;
content-encoding: br
x-content-type-options: nosniff
x-cache: TCP_HIT
arr-disable-session-affinity: True
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:86253034-5759-4c6e-ba7c-848cc9af4d4a
last-modified: Tue, 27 Jul 2021 13:10:48 GMT
x-frame-options: SAMEORIGIN
date: Fri, 24 Sep 2021 18:47:48 GMT
expect-ct: max-age=86400, enforce
x-azure-ref: 0VR1OYQAAAADkjYm4Qt+tSqX5zph8vOwiTE9OMjFFREdFMTUyMgA2NjcyMWQ2Mi0zNmUwLTQ4OWQtOGYyYy1kOGRhOTMxZmEwNDc=
content-type: image/svg+xml
cache-control: max-age=3600
etag: "1d782e8d0edf7f0"
accept-ranges: bytes
expires: Fri, 24 Sep 2021 19:24:11 GMT

GET
H2 200 opusLogo.svg
www.opuscard.co.uk/Content/icons_svg/ 4 KB
2 KB 292ms
13ms Image
image/svg+xml 13.107.213.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.opuscard.co.uk/Content/icons_svg/opusLogo.svg

Requested by

Host: www.opusloans.co.uk
URL: https://www.opusloans.co.uk/portal

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.213.44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

86557b00044abd9a085243266cf6c4b5cdde95a16f4ad32368c451104b451a50

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; media-src * data: ; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.opusloans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; media-src * data: ; frame-src *; style-src * 'unsafe-inline';
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0iYJMYQAAAABJvvIm1qC7SqL73WPf4dfuTE9OMjFFREdFMTUwOABmOTcyN2QyYy0wMzFjLTQ5MGYtYTE1Yi03YjI5Zjg5NWZlNDU=
x-cache: TCP_HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:86253034-5759-4c6e-ba7c-848cc9af4d4a
last-modified: Mon, 28 Jun 2021 11:41:56 GMT
x-frame-options: SAMEORIGIN
date: Fri, 24 Sep 2021 18:47:48 GMT
expect-ct: enforce, max-age=86400
x-azure-ref: 0VR1OYQAAAADa+mNm6KOER757qnPRCDTpRlJBMzFFREdFMDMxNwBmOTcyN2QyYy0wMzFjLTQ5MGYtYTE1Yi03YjI5Zjg5NWZlNDU=
content-type: image/svg+xml
access-control-expose-headers: Request-Context
etag: "09ad498126cd71:0"
accept-ranges: bytes

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 59ms
17ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.opusloans.co.uk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 17:03:52 GMT
x-content-type-options: nosniff
age: 92637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 23 Sep 2022 17:03:52 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.opusloans.co.uk/	1969-12-31 23:59:59	Name: ARRAffinity Value: dfe204985d60020443d40d713d1edf4d185b36a773d4908315d2271732a6d1f4
.www.opusloans.co.uk/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: dfe204985d60020443d40d713d1edf4d185b36a773d4908315d2271732a6d1f4
.www.newday.co.uk/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 09be55cd51ee9108c04b37a8af553f04ab6f2f5539d11946eabd62c3e6b83398

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.opusloans.co.uk/portal(Line 10) Message: Refused to load the image 'data:image/x-icon;base64,AAABAAMAEBAAAAEAIABoBAAANgAAACAgAAABACAAqBAAAJ4EAAAwMAAAAQAgAKglAABGFQAAKAAAABAAAAAgAAAAAQAgAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...////8AAP///////wAA////////AAD///////8AAP///////wAA////////AAD///////8AAP///////wAA////////AAD///////8AAP///////wAA////////AAD///////8AAP///////wAA////////AAD///////8AAP///////wAA////////AAD///////8AAP///////wAA/8AAAAP/AAD//v/gf/8AAP/+/8F//wAA//7/w3//AAD//v+Df/8AAP/+/wd//wAA//7+D3//AAD//vwff/8AAP/++D9//wAA//7wf3//AAD//vD/f/8AAP/+4P9//wAA//7B/3//AAD//oP/f/8AAP/+B/9//wAA//4P/3//AAD//B/+P/8AAP/wP/gP/wAA////////AAD///////8AAP///////wAA////////AAD///////8AAP///////wAA////////AAD///////8AAP///////wAA////////AAA=' because it violates the following Content Security Policy directive: "img-src *".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: https://dc.services.visualstudio.com https://www.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://o2.mouseflow.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/api2/v1559543665173/recaptcha__en.js .visualwebsiteoptimizer.com .typekit.net .vo.msecnd.net www.googletagmanager.com tagmanager.google.com https://cdn.mouseflow.com https://www.googleadservices.com https://.cloudfront.net https://connect.facebook.net https://c5.adalyser.com https://s.yimg.com https://bat.bing.com https://sp.analytics.yahoo.com; style-src * 'self' 'unsafe-inline' ; img-src * ; font-src 'self' data: https://fonts.gstatic.com https://*.typekit.net; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applynow2.marbles.com
fluid.co.uk
fonts.googleapis.com
fonts.gstatic.com
www.aquacard.co.uk
www.newday.co.uk
www.opuscard.co.uk
www.opusloans.co.uk
13.107.213.44
13.107.246.44
13.107.253.44
13.69.186.152
142.250.186.170
18.133.178.180
216.58.212.163
52.178.212.17
17c394ba474abf4b3b5f0f2e36711db6071a3b7f8ccdb7d2768a0392520be079
24d38ffafe555e5e99d87f14a1af8b17f927ae22a16cc632a3efe457fe52d749
3c8c7673507621a92863004a3b2686fec2c8c9b3e1578f83ea6acf3836d650da
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
86557b00044abd9a085243266cf6c4b5cdde95a16f4ad32368c451104b451a50
92043390002b28eca5180788fbec1a5d0888197d211a79216cdf3948bdab75c2
b4eb79a6b0ac56a4aabcc9f223382db571dec8ffe9cb435bd09b934ea39cb697
ccfb76e4beaf7261c4c35c6993737911a5706e325d9235188ffb5c448b5baa66

www.opusloans.co.uk Open in urlscan Pro 52.178.212.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

8 Domains

8 Subdomains

8 IPs

3 Countries

82 kBTransfer

111 kBSize

3 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

www.opusloans.co.uk Open in urlscan Pro
52.178.212.17 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

82 kB
Transfer

111 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions