safeloan.com Open in urlscan Pro
167.114.44.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://safeloan.com/
Submission: On February 22 via automatic, source certstream-suspicious (February 22nd 2020, 8:33:10 pm UTC)

Summary HTTP 32 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 32 HTTP transactions. The main IP is 167.114.44.90, located in Montreal, Canada and belongs to OVH, FR. The main domain is safeloan.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 22nd 2019. Valid for: 2 years.

This is the only time safeloan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
27	167.114.44.90 167.114.44.90		16276 (OVH) (OVH)
1	68.178.177.8 68.178.177.8		26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2	2a00:1450:400... 2a00:1450:4001:816::2008		15169 (GOOGLE) (GOOGLE)
1 3	18.222.31.159 18.222.31.159		16509 (AMAZON-02) (AMAZON-02)
32	4

27 167.114.44.90 (Montreal, Canada)

ASN16276 (OVH, FR)

safeloan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.178.177.8 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: seal.godaddy.com

seal.godaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.222.31.159 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-222-31-159.us-east-2.compute.amazonaws.com

fast.gotlivechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	safeloan.com safeloan.com	1 MB
3	gotlivechat.com 1 redirects fast.gotlivechat.com	909 B
2	google-analytics.com ssl.google-analytics.com	17 KB
1	godaddy.com seal.godaddy.com	301 B
32	4

	Domain	Requested by
27	safeloan.com	safeloan.com
3	fast.gotlivechat.com	1 redirects safeloan.com
2	ssl.google-analytics.com	safeloan.com
1	seal.godaddy.com	safeloan.com
32	4

This site contains no links.

Subject Issuer	Validity	Valid
*.safeloan.com Go Daddy Secure Certificate Authority - G2	`2019-12-22` - `2022-02-20`	2 years	crt.sh
seal.godaddy.com Go Daddy Secure Certificate Authority - G2	`2018-09-12` - `2020-09-12`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.gotlivechat.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-08` - `2020-06-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://safeloan.com/
Frame ID: 878AB0B8273F3C809741D556549D4AB1
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
html /<input[^>]+name="__VIEWSTATE/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

32
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1170 kB
Transfer

1669 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://fast.gotlivechat.com/ajax/ HTTP 302
https://fast.gotlivechat.com/__G_Login.asp

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
safeloan.com/ 30 KB
31 KB 679ms
212ms Document
text/html 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c3dfa0f3f49237a406dd72c1364ccb302549113daa52448ca6d7c921912a2192

Request headers

Host: safeloan.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: document

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 22 Feb 2020 20:32:53 GMT
Content-Length: 31157

GET
H/1.1 200
OK styles.css
safeloan.com/ 7 KB
7 KB 160ms
126ms Stylesheet
text/css 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/styles.css
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: eb047f227987f44f67dca0b637a3cab2617ae329c73abee0a7b0b4a386aa5f2b

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: style

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Last-Modified: Tue, 09 Aug 2016 07:27:13 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2944a672ff2d11:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 7425

GET
H/1.1 200
OK jquery-1.8.2.js Show response
safeloan.com/js/ 259 KB
259 KB 249ms
120ms Script
application/javascript 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/js/jquery-1.8.2.js
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cfa69516375e27e56519cae71f28818e0e52515b70e705a600d1db459998335a

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Last-Modified: Mon, 06 Jun 2016 10:37:17 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "ab638e65dfbfd11:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 265218

GET
H/1.1 200
OK WebResource.axd Show response
safeloan.com/ 22 KB
22 KB 556ms
337ms Script
application/x-javascript 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/WebResource.axd?d=2UaUPfm1-i12JzaFbC7PafJrENoUlYHmUV0S2lZr5AzaazpWEOBfv8T6oxyHloS2ESxJiXeqPCOUfSdvryiKyEMwh0Oblf9w-o57J-ORHTE1&t=635792847671809273
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1d1532c6ed3f42083f24c27b1971aa59ef6bfe07b4126d4666f319e43d011054

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Last-Modified: Thu, 01 Oct 2015 13:26:07 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 22346
Expires: Sun, 21 Feb 2021 20:32:53 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
safeloan.com/ 26 KB
6 KB 461ms
240ms Script
application/x-javascript 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/ScriptResource.axd?d=JYT6FBsMeJKXqYWdzH2F7sYasmSCFB94S5I5wTvn8OM5YOwkq_ERByoL6Fj4ubhKnNpJ9YtXLpS4t3QI5UaSgxM3vWDjfDGGFqHcJmEKHZo3NNVgZZYyiCgCu0gnWBiK1-mG3U1qm-Q6Chsyxd-LOkUvuinPp7BpGnm05D7HxEY1&t=fffffffffa488f4d
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Feb 2020 20:32:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 5479
Expires: Sun, 21 Feb 2021 20:32:53 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
safeloan.com/ 349 KB
60 KB 558ms
336ms Script
application/x-javascript 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/ScriptResource.axd?d=OEv1qbAT3nTmY03GFgJwkHzdIgpmJe_X-TFqqeBnfRfMV5a6GEHeEnhEAtNtOEVlt_wi8Vh4ttgeEYDQvxUpcTXTH965GKSEw1akOUpDEfME7yxlWtRaoudkxPsLbJomobIS_j5ejcHoq6zGQj9W7A2&t=f2cd5c5
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a3da595a18608a96f88ebe49fbd1cc069c8a0036e15c552f15e255ab1f04d641

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Feb 2020 20:32:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 61178
Expires: Sun, 21 Feb 2021 20:32:53 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
safeloan.com/ 93 KB
15 KB 557ms
335ms Script
application/x-javascript 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/ScriptResource.axd?d=4-72z3S3UfdzLUs0vDM_c669FlYpFpwhQ5LYeLpLRdIScCvaSTuE24gFnU9MPOVYMmaxHsQ6CKKkt5tHTPosO-LRXdvCt3pHdnQqv-cv8hZJy1cT4zq6qEeoQuejWX26Dk1oQ6kOyYtyFb22CrEQOA2&t=f2cd5c5
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e04e5b43fd674498e68a5d38f3bd495af34082bdabc13d4565eff8b3e007fe31

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Feb 2020 20:32:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 15230
Expires: Sun, 21 Feb 2021 20:32:53 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
safeloan.com/ 62 KB
11 KB 557ms
333ms Script
text/javascript 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/ScriptResource.axd?d=fBCpprlQ1hdX8ND7HDZnV1WTrrGutyTsydQ5FNFYqgcyHnIedFhaengV1_99bjL7fENQHL9zX9g0KKtH1x03KNDNEfhYmw1PQPKTMxJhhE1IKbhbGPA4lNLd5lJ_ucd4hquApRoqs4SWiJfPMath4A2&t=f2cd5c5
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 024019cbc00e19f5bb15538f838780c835219fa0e1fbd002fc7995d805614357

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Feb 2020 20:32:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
Cache-Control: public
Content-Length: 10949
Expires: Sun, 21 Feb 2021 20:32:53 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
safeloan.com/ 31 KB
7 KB 576ms
115ms Script
text/javascript 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/ScriptResource.axd?d=yF51C3d4FpRhnP7SXJLR8Mp_EUe-jgnSAkqLj6guN6_lo-ZDSwSDoeTNDtE6J5XZijSloBBJEobYFdzlbJhg5XiUuHEprcHykW6J6u7CR63UOnsN2BUVGG2PqaVAk5qZDFOOcV2ccZt7D8fOzDI3OA2&t=f2cd5c5
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4a13dddb3975d7f233788a7c0e9844a740a473f8a360f06ef97209094bf8fb3c

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Feb 2020 20:32:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
Cache-Control: public
Content-Length: 6939
Expires: Sun, 21 Feb 2021 20:32:53 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
safeloan.com/ 18 KB
4 KB 638ms
112ms Script
text/javascript 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/ScriptResource.axd?d=iNPVyJZuYeaCvnqJacyYRYJYVtlVwgemHxX1aJ9TvlAPViz7oRERTJfG96_xEDsUU2edB3gzr0dBmxTrFh_9yFE2d5jcRDAGM6o-5SWQZzyV3AIu_DHPoYKv5PIhmuPqJs_ZE3MQv0edrdtdKmIMjH_cF7vx6H01BDBZZw3Pk9k1&t=f2cd5c5
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: be28d635f7b83fc6e4128e07eeaa3f681f49577d4fd652c32eec062b5ba02b4b

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Feb 2020 20:32:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
Cache-Control: public
Content-Length: 3581
Expires: Sun, 21 Feb 2021 20:32:53 GMT

GET
H/1.1 200
OK Image2.png
safeloan.com/imgs/ 123 KB
123 KB 134ms
134ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/Image2.png
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6ad27fb5ca0a4201b42b732570fc4069d1453ea22aa0762de0bc7359fb757e46

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Last-Modified: Mon, 06 Jun 2016 10:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "21a3569dfbfd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 125734

GET
H/1.1 200
OK Image3.png
safeloan.com/imgs/ 117 KB
117 KB 225ms
224ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/Image3.png
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4b0ea7c13a30748f2fe1f4dd9fc28c408e5273d17d710550c21d291873e8733d

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Last-Modified: Mon, 06 Jun 2016 10:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "5fcf3969dfbfd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 119943

GET
H/1.1 200
OK Image14.png
safeloan.com/imgs/ 57 KB
57 KB 117ms
117ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/Image14.png
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 357e7bedbf088ce0d507b32a0e67483d14c13ef11687ddf807aa7d429096f70f

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Last-Modified: Mon, 06 Jun 2016 10:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c4305b69dfbfd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 58168

GET
H/1.1 200
OK image13.png
safeloan.com/imgs/ 112 KB
112 KB 123ms
123ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/image13.png
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 84fcd2ecc0606c85802109450027e02cb6253c36fea2056d6f6da3c3953db3da

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:53 GMT
Last-Modified: Mon, 06 Jun 2016 10:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "55ce5869dfbfd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 114842

GET
H/1.1 204
No Content getSeal Show response
seal.godaddy.com/ 0
301 B 753ms
196ms Script
text/plain 68.178.177.8
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.godaddy.com/getSeal?sealID=G5Yjmw7CYV9yk98fHDOJ7J0HTeM4uMFYLxkPYziVBJCByB5QPyZ4U50

Requested by

Host: safeloan.com
URL: https://safeloan.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

68.178.177.8 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

seal.godaddy.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8
Keep-Alive: timeout=2, max=100
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: safeloan.com
URL: https://safeloan.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1425
date: Sat, 22 Feb 2020 20:09:08 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Sat, 22 Feb 2020 22:09:08 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1762036718&utmhn=safeloan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Payday%20Loan%20Online%20Application%20%E2%80%93%20Get%20Cash%20Today%20%7C%20SAFELOAN&utmhid=1326016802&utmr=-&utmp=%2F&utmht=1582403573405&utmac=UA-41146700-1&utmcc=__utma%3D231538077.1069947674.1582403573.1582403573.1582403573.1%3B%2B__utmz%3D231538077.1582403573.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1364889181&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: safeloan.com
URL: https://safeloan.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 22 Feb 2020 20:32:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK header-bg.png
safeloan.com/imgs/ 3 KB
3 KB 124ms
123ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/header-bg.png
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b599a2cc76b73419867e41ba450ddba46aa288d94a5871070ef2235b37b9e249

Request headers

Referer: https://safeloan.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Mon, 06 Jun 2016 10:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b61d4869dfbfd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2898

GET
H/1.1 200
OK left-nav.png
safeloan.com/imgs/ 4 KB
4 KB 126ms
126ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/left-nav.png
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ce64a0539ba4c76031741542a88d881134bcc9ae379591252d96540c7fd0fbfa

Request headers

Referer: https://safeloan.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Mon, 06 Jun 2016 10:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "49f64069dfbfd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3636

GET
H/1.1 200
OK mid-nav.png
safeloan.com/imgs/ 3 KB
3 KB 117ms
116ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/mid-nav.png
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cd58f426a2e7470d05d60ec7299c1107768963bf2e484dbdfb60f403630494e8

Request headers

Referer: https://safeloan.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Mon, 06 Jun 2016 10:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "dba6469dfbfd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2838

GET
H/1.1 200
OK right-nav.png
safeloan.com/imgs/ 4 KB
4 KB 347ms
122ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/right-nav.png
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 10c922b4582af4e7a820b498fb00dedeb5b2d086f62618252b997320ff55a1f6

Request headers

Referer: https://safeloan.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Mon, 06 Jun 2016 10:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "aa941f69dfbfd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3634

GET
H/1.1 200
OK header-img.png
safeloan.com/imgs/ 15 KB
16 KB 354ms
126ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/header-img.png
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 823b35576ea25b3323da93c3d442a9b3c518cc1bb599ed0e0fdd18ec27e7b021

Request headers

Referer: https://safeloan.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Fri, 05 Aug 2016 06:21:28 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "fe35a199e1eed11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15865

GET
H/1.1 200
OK page-bg.png
safeloan.com/imgs/ 27 KB
27 KB 225ms
112ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/page-bg.png
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9ed91e4841e29ae2f546e293158f07ce2f411ffada17c2ecd4b77a3cb36e0fa1

Request headers

Referer: https://safeloan.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Mon, 06 Jun 2016 10:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6e592469dfbfd11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 27609

GET
H/1.1 200
OK Officina%20Sans%20ITC%20Book.woff
safeloan.com/fonts/ 39 KB
40 KB 224ms
120ms Font
font/x-woff 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/fonts/Officina%20Sans%20ITC%20Book.woff
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 707e74aaa3736777c3d3c19709d80d106581b3dc56b8797c4baf6e12ee9c9e3c

Request headers

Referer: https://safeloan.com/styles.css
Origin: https://safeloan.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Thu, 09 Oct 2014 12:41:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "cdaab055bee3cf1:0"
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 40436

GET
H/1.1 200
OK colorstrip.png
safeloan.com/imgs/ 676 B
921 B 338ms
116ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/colorstrip.png
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 749512f94b8622018d40d28ef5224374a8c424be6fd8e76411a55a830400dba0

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Mon, 13 May 2013 18:33:34 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "053f25f850ce1:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 676

GET
H/1.1 200
OK Tabatha-Testimonial.PNG
safeloan.com/imgs/ 55 KB
55 KB 316ms
118ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/Tabatha-Testimonial.PNG
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0f2c006031040a49a266d0ed7dccae7bc47ecb29e31465214344258924d248dc

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Thu, 09 May 2013 21:02:54 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0d3de92f84cce1:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 55998

GET
H/1.1 200
OK Samuel-Testimonial.PNG
safeloan.com/imgs/ 47 KB
47 KB 369ms
122ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/Samuel-Testimonial.PNG
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2f3ea6e67e504385e558e255709547f26831ae1d5bd18352deee5d7983d84b9f

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Sat, 11 May 2013 18:30:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "04d109b754ece1:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 47867

GET
H/1.1 200
OK Tommy-Testimonial.PNG
safeloan.com/imgs/ 49 KB
49 KB 236ms
120ms Image
image/png 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeloan.com/imgs/Tommy-Testimonial.PNG
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 73a0f6a84a4bd8c87d47cc94ce5e19371afe0d6e1378403eb6a143791cbad79e

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Thu, 09 May 2013 21:05:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b6bf1f84cce1:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 49921

GET
H/1.1 200
OK Officina%20Sans%20ITC%20Bold.woff
safeloan.com/fonts/ 35 KB
35 KB 233ms
118ms Font
font/x-woff 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/fonts/Officina%20Sans%20ITC%20Bold.woff
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0d7a2b0c2cde479f66c27e91eca9a3f41fb2b655aa5ec41e697fa279e603aec3

Request headers

Referer: https://safeloan.com/styles.css
Origin: https://safeloan.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Thu, 09 Oct 2014 12:41:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "12efab55bee3cf1:0"
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 35948

GET
H/1.1 200
OK Officina%20Serif%20ITC%20Bold.woff
safeloan.com/fonts/ 36 KB
36 KB 232ms
114ms Font
font/x-woff 167.114.44.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://safeloan.com/fonts/Officina%20Serif%20ITC%20Bold.woff
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 167.114.44.90 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e2f1f2b0af30f35afe9e886a8f72b9bb88801a705745d36338504dec8f0399f7

Request headers

Referer: https://safeloan.com/styles.css
Origin: https://safeloan.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50

Response headers

Date: Sat, 22 Feb 2020 20:32:54 GMT
Last-Modified: Thu, 09 Oct 2014 12:41:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "7c60ae55bee3cf1:0"
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 36408

GET
H2 200 DOMserverv2.asp Show response
fast.gotlivechat.com/ajax/ 578 B
813 B 416ms
143ms Script
text/html 18.222.31.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.gotlivechat.com/ajax/DOMserverv2.asp?actx=n&widx=1649&didx=0
Requested by: Host: safeloan.com
URL: https://safeloan.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.222.31.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-31-159.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 28108eb89c725c57e2a65cc358e21e84c5f52c89449178723a4715d96312d374

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

date: Sat, 22 Feb 2020 20:32:54 GMT
server: Microsoft-IIS/10.0
p3p: CP=CAO PSA OUR
status: 200
cache-control: private
content-type: text/html; Charset=utf-8
content-length: 578
expires: Sat, 22 Feb 2020 20:31:54 GMT

GET
H2

404

__G_Login.asp
fast.gotlivechat.com/
Redirect Chain

https://fast.gotlivechat.com/ajax/
https://fast.gotlivechat.com/__G_Login.asp

0
0

120ms
119ms

Image
text/html

18.222.31.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fast.gotlivechat.com/__G_Login.asp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.222.31.159 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-31-159.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://safeloan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50

Response headers

Redirect headers

status: 302
date: Sat, 22 Feb 2020 20:32:54 GMT
cache-control: private
server: Microsoft-IIS/10.0
content-length: 135
location: /__G_Login.asp
content-type: text/html

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| slideSwitch object| _gaq object| theForm function| __doPostBack object| _gat object| gaGlobal function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| Sys function| Type function| $removeHandler object| _events function| $find object| $common object| CommonToolkitScripts function| WebForm_OnSubmit object| Page_ValidationSummaries object| Page_Validators object| req_zip object| rxvCustZip object| req_fstname object| reg_txtname object| req_lastname object| reg_lastname object| req_emailaddress object| rxfCustEmail object| valSum object| req_email object| reg_email object| req_ssn object| ValSumary boolean| Page_ValidationActive function| ValidatorOnSubmit function| Gjs object| theButton object| theDiv

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.safeloan.com/	1970-01-19 07:33:25	Name: __utmb Value: 231538077.1.10.1582403573
			.safeloan.com/	1970-01-19 07:33:24	Name: __utmt Value: 1
			.safeloan.com/	1970-01-19 11:56:11	Name: __utmz Value: 231538077.1582403573.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
			.safeloan.com/	1969-12-31 23:59:59	Name: __utmc Value: 231538077
			.safeloan.com/	1970-01-20 01:04:35	Name: __utma Value: 231538077.1069947674.1582403573.1582403573.1582403573.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fast.gotlivechat.com
safeloan.com
seal.godaddy.com
ssl.google-analytics.com
167.114.44.90
18.222.31.159
2a00:1450:4001:816::2008
68.178.177.8
024019cbc00e19f5bb15538f838780c835219fa0e1fbd002fc7995d805614357
0d7a2b0c2cde479f66c27e91eca9a3f41fb2b655aa5ec41e697fa279e603aec3
0f2c006031040a49a266d0ed7dccae7bc47ecb29e31465214344258924d248dc
10c922b4582af4e7a820b498fb00dedeb5b2d086f62618252b997320ff55a1f6
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1d1532c6ed3f42083f24c27b1971aa59ef6bfe07b4126d4666f319e43d011054
28108eb89c725c57e2a65cc358e21e84c5f52c89449178723a4715d96312d374
2f3ea6e67e504385e558e255709547f26831ae1d5bd18352deee5d7983d84b9f
357e7bedbf088ce0d507b32a0e67483d14c13ef11687ddf807aa7d429096f70f
4a13dddb3975d7f233788a7c0e9844a740a473f8a360f06ef97209094bf8fb3c
4b0ea7c13a30748f2fe1f4dd9fc28c408e5273d17d710550c21d291873e8733d
6ad27fb5ca0a4201b42b732570fc4069d1453ea22aa0762de0bc7359fb757e46
707e74aaa3736777c3d3c19709d80d106581b3dc56b8797c4baf6e12ee9c9e3c
73a0f6a84a4bd8c87d47cc94ce5e19371afe0d6e1378403eb6a143791cbad79e
749512f94b8622018d40d28ef5224374a8c424be6fd8e76411a55a830400dba0
823b35576ea25b3323da93c3d442a9b3c518cc1bb599ed0e0fdd18ec27e7b021
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84fcd2ecc0606c85802109450027e02cb6253c36fea2056d6f6da3c3953db3da
9ed91e4841e29ae2f546e293158f07ce2f411ffada17c2ecd4b77a3cb36e0fa1
a3da595a18608a96f88ebe49fbd1cc069c8a0036e15c552f15e255ab1f04d641
b599a2cc76b73419867e41ba450ddba46aa288d94a5871070ef2235b37b9e249
be28d635f7b83fc6e4128e07eeaa3f681f49577d4fd652c32eec062b5ba02b4b
c3dfa0f3f49237a406dd72c1364ccb302549113daa52448ca6d7c921912a2192
cd58f426a2e7470d05d60ec7299c1107768963bf2e484dbdfb60f403630494e8
ce64a0539ba4c76031741542a88d881134bcc9ae379591252d96540c7fd0fbfa
cfa69516375e27e56519cae71f28818e0e52515b70e705a600d1db459998335a
e04e5b43fd674498e68a5d38f3bd495af34082bdabc13d4565eff8b3e007fe31
e2f1f2b0af30f35afe9e886a8f72b9bb88801a705745d36338504dec8f0399f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb047f227987f44f67dca0b637a3cab2617ae329c73abee0a7b0b4a386aa5f2b
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192