app.galtcredit.com Open in urlscan Pro
3.18.164.151 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.galtcredit.com/
Effective URL:
https://app.galtcredit.com/login
Submission: On August 25 via automatic, source certstream-suspicious (August 25th 2024, 7:23:24 am UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 13 HTTP transactions. The main IP is 3.18.164.151, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is app.galtcredit.com.
TLS certificate: Issued by E5 on August 23rd 2024. Valid for: 3 months.

This is the only time app.galtcredit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	3.18.164.151 3.18.164.151	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:eaea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.5.131.121 3.5.131.121	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
13	6

6 3.18.164.151 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-164-151.us-east-2.compute.amazonaws.com

app.galtcredit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eaea (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.131.121 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

totality-lyc-media.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	galtcredit.com 1 redirects app.galtcredit.com	290 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	148 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 981	88 B
1	amazonaws.com totality-lyc-media.s3.us-east-2.amazonaws.com	15 KB
1	rsms.me rsms.me — Cisco Umbrella Rank: 24298	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	28 KB
13	6

	Domain	Requested by
6	app.galtcredit.com	1 redirects app.galtcredit.com
3	cdn.jsdelivr.net	app.galtcredit.com
2	sessions.bugsnag.com	app.galtcredit.com
1	totality-lyc-media.s3.us-east-2.amazonaws.com	app.galtcredit.com
1	rsms.me	app.galtcredit.com
1	cdnjs.cloudflare.com	app.galtcredit.com
13	6

This site contains no links.

Subject Issuer	Validity	Valid
app.galtcredit.com E5	`2024-08-23` - `2024-11-21`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
rsms.me WE1	`2024-08-21` - `2024-11-19`	3 months	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2024-02-29` - `2025-02-12`	a year	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-20` - `2025-04-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.galtcredit.com/login
Frame ID: 1F0336993E1E67FEDFE34CA742DF205A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

app.galtcredit.com

Page URL History Show full URLs

https://app.galtcredit.com/ HTTP 302
https://app.galtcredit.com/login Page URL

Detected technologies

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

livewire(?:\.min)?\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

480 kB
Transfer

1847 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.galtcredit.com/ HTTP 302
https://app.galtcredit.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
app.galtcredit.com/
Redirect Chain

https://app.galtcredit.com/
https://app.galtcredit.com/login

11 KB
5 KB

448ms
447ms

Document
text/html

3.18.164.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.galtcredit.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.18.164.151 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-164-151.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a9d7fefffaccc87efe15fb597bdd67e8201854c51f1cd57bb2f19a2fe39a4d7d

Security Headers

Name	Value
Content-Security-Policy	child-src blob: 'self' .hellosign.com; connect-src https: wss: .ably.io; default-src 'self'; font-src 'self' data: https:; frame-ancestors sandbox.croco-dial.net omni.bbdtel.com cds.croco-dial.net clever.ucontactcloud.com tty.croco-dial.net ucontactcloud.com; frame-src api.cobrowse.io app.hellosign.com app.powerbi.com omni.bbdtel.com cdn.plaid.com cdn.yodlee.com cds.croco-dial.net chirp.digital clever.ucontactcloud.com cobrowse.io faq.hellosign.com fl4.prod.yodlee.com lendmate.com ninjafetch.com plaid.com sandbox.croco-dial.net 'self' tty.croco-dial.net ucontactcloud.com verify-sandbox.plaid.com verify.plaid.com widget.happyfoxchat.com www.google.com yodlee.com; img-src blob: data: https: 'unsafe-inline'; script-src https: localhost 'unsafe-eval' 'unsafe-inline'; style-src https: localhost 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	Deny SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-security-policy: child-src blob: 'self' *.hellosign.com; connect-src https: wss: *.ably.io; default-src 'self'; font-src 'self' data: https:; frame-ancestors sandbox.croco-dial.net omni.bbdtel.com cds.croco-dial.net clever.ucontactcloud.com tty.croco-dial.net ucontactcloud.com; frame-src api.cobrowse.io app.hellosign.com app.powerbi.com omni.bbdtel.com cdn.plaid.com cdn.yodlee.com cds.croco-dial.net chirp.digital clever.ucontactcloud.com cobrowse.io faq.hellosign.com fl4.prod.yodlee.com lendmate.com ninjafetch.com plaid.com sandbox.croco-dial.net 'self' tty.croco-dial.net ucontactcloud.com verify-sandbox.plaid.com verify.plaid.com widget.happyfoxchat.com www.google.com yodlee.com; img-src blob: data: https: 'unsafe-inline'; script-src https: localhost 'unsafe-eval' 'unsafe-inline'; style-src https: localhost 'unsafe-inline'
content-type: text/html; charset=UTF-8
date: Sun, 25 Aug 2024 07:23:18 GMT
expect-ct: max-age=0
referrer-policy: no-referrer strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: Deny SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

cache-control: no-cache, private
content-security-policy: child-src blob: 'self' *.hellosign.com; connect-src https: wss: *.ably.io; default-src 'self'; font-src 'self' data: https:; frame-ancestors sandbox.croco-dial.net omni.bbdtel.com cds.croco-dial.net clever.ucontactcloud.com tty.croco-dial.net ucontactcloud.com; frame-src api.cobrowse.io app.hellosign.com app.powerbi.com omni.bbdtel.com cdn.plaid.com cdn.yodlee.com cds.croco-dial.net chirp.digital clever.ucontactcloud.com cobrowse.io faq.hellosign.com fl4.prod.yodlee.com lendmate.com ninjafetch.com plaid.com sandbox.croco-dial.net 'self' tty.croco-dial.net ucontactcloud.com verify-sandbox.plaid.com verify.plaid.com widget.happyfoxchat.com www.google.com yodlee.com; img-src blob: data: https: 'unsafe-inline'; script-src https: localhost 'unsafe-eval' 'unsafe-inline'; style-src https: localhost 'unsafe-inline'
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 07:23:18 GMT
expect-ct: max-age=0
location: login
referrer-policy: no-referrer strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff nosniff
x-frame-options: Deny SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block 1; mode=block

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 58ms
31ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: app.galtcredit.com
URL: https://app.galtcredit.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://app.galtcredit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 207241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PBoFSMTd0QyLZNzaOIRA6gdfqUtm3UvPibC7dnfPPD1xo72zhyHO3hXrzdHUNJ2gFEfHzIt71w%2Bx5BqzFPlhFo5mXth5%2BKL%2BWsHPbfJKmtRAVeLCC4GGIsWCSl5ixoFHBFySoajuoeVrQctLT6qzoTu2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b89d6043c54914a-FRA
expires: Fri, 15 Aug 2025 07:23:19 GMT

GET
H2 200 select2.min.css
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/ 16 KB
2 KB 100ms
53ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css

Requested by

Host: app.galtcredit.com
URL: https://app.galtcredit.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.galtcredit.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:23:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9745981
x-jsd-version: 4.1.0-rc.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2162
x-served-by: cache-fra-etou8220046-FRA, cache-lga21924-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2FeYBIpRz57UqPOi19mGCxHPmk9rGBovs%2FFohc7pnf5n9LHHMqx6%2FlyqpgnC8OTLrA9sLB1ER4i5eOuwjRKPhPTNq98LLpjvqH%2Fbfc3N6y7kD00EjRlJpaMx6RiI4nibod0HacxhOA%2BJrLtR44w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b89d60459a63a78-FRA

GET
H2 200 select2.min.js Show response
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/ 71 KB
21 KB 99ms
53ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js

Requested by

Host: app.galtcredit.com
URL: https://app.galtcredit.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.galtcredit.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:23:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9742773
x-jsd-version: 4.1.0-rc.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21153
x-served-by: cache-fra-etou8220129-FRA, cache-lga21969-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LIXqPvWd62JkGaj38CKkKZHmua1f1LHHC7XtB856dvH4gPZKW0FjzFIFhnPBvDbBMLbVBJ9lME%2BRf3cR3XANl2COABpqeRrED1tNe4x9%2BGWitgRA59XsIHO342Q3NxrrEyWwMnD%2BPXSeXYYraaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b89d60459a93a78-FRA

GET
H3 200 inter.css
rsms.me/inter/ 7 KB
1 KB 72ms
36ms Stylesheet
text/css 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: app.galtcredit.com
URL: https://app.galtcredit.com/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

Referer: https://app.galtcredit.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 1
x-fastly-request-id: ff0a680a037d01e8b0930c2fc751dde00592cb18
date: Sun, 25 Aug 2024 07:23:19 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Tue, 20 Aug 2024 04:48:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 712
x-served-by: cache-fra-eddf8230031-FRA
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: 95EE:0E80:89BDC6B:8C0DCFA:6601AC09
x-timer: S1711385625.802544,VS0,VE4
etag: W/"6601abff-1b8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=up0GaK9Z%2BXBbmCbuCdfFj17M1g%2Fjbiel9fK6uokwrbdpxIK0uus%2BIb%2Bv0npZTW7WcbjsTdGU7QlGzOks5MJMGefqGdrf41%2B1MYTIiMmhdFSP2Rw%2FpWK6PJobPAce6pegplgTmDZL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b89d6044fbc0859-FRA
x-proxy-cache: HIT

GET
H2 200 app.5ef81889.css
app.galtcredit.com/build/assets/ 125 KB
21 KB 234ms
232ms Stylesheet
text/css 3.18.164.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.galtcredit.com/build/assets/app.5ef81889.css

Requested by

Host: app.galtcredit.com
URL: https://app.galtcredit.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.18.164.151 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-164-151.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5ef81889e29b0418b025705e23ac561c80572b88c882b700f9ce2097048c02d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.galtcredit.com/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Aug 2024 18:00:59 GMT
server: nginx
etag: W/"66c8ce5b-1f253"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 apexcharts Show response
cdn.jsdelivr.net/npm/ 522 KB
124 KB 78ms
32ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/apexcharts

Requested by

Host: app.galtcredit.com
URL: https://app.galtcredit.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dacc69f7eb21440e4b331ce1831f9fa5e40f218d995a005db789a9e55d989fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.galtcredit.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:23:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16983
x-jsd-version: 3.52.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 126291
x-served-by: cache-fra-etou8220144-FRA, cache-lga21968-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"826e8-V1cFtDJVA+6c5MFZKeTZBz/blAw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3xgbMuI9FqUBd1q%2B2%2FOCqG%2FJUNYdvtFIMH%2FD6yFPdk2iJ%2BcUe6vkiHu%2BsCQ4U17ILuRN4%2BU8kp%2FuMFqiQCVbdzP9apZGmNRx%2BpBcn3LLIS0MfOgG4ruzXLrjAC%2BDBsyhyZUr%2FNeE6NFi6Lj1rU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b89d60459a73a78-FRA

GET
H/1.1 200
OK whiteLogo.png
totality-lyc-media.s3.us-east-2.amazonaws.com/settings/ 15 KB
15 KB 425ms
154ms Image
image/png 3.5.131.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://totality-lyc-media.s3.us-east-2.amazonaws.com/settings/whiteLogo.png?updated_at=1724266701
Requested by: Host: app.galtcredit.com
URL: https://app.galtcredit.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.131.121 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2d566ae44bbf7578fa79ed2a2c195b9f61dd927b68ad1f3aeff42fbf5f0c8ee1

Request headers

Referer: https://app.galtcredit.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 07:23:20 GMT
x-amz-version-id: wVGBinQG_kH4Y0Q8FSLRT3kFcfkFPKsp
Last-Modified: Thu, 15 Aug 2024 12:22:32 GMT
Server: AmazonS3
x-amz-request-id: JMN89SG8E55W4D88
ETag: "a550c844673e4e0c9c826c203c99d113"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15047
x-amz-id-2: 7fIQM3cfZz6eAJ/d2N8LtfRp2ldjf1ej0jGGEGs3Ih+xj+zc62KUFNiFxYTudZ/aBF6RZLKT/B+uo3AxPvzm5A==

GET
H2 200 livewire.js Show response
app.galtcredit.com/livewire/ 171 KB
46 KB 578ms
577ms Script
application/javascript 3.18.164.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.galtcredit.com/livewire/livewire.js?id=90730a3b0e7144480175

Requested by

Host: app.galtcredit.com
URL: https://app.galtcredit.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.18.164.151 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-164-151.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be

Security Headers

Name	Value
Content-Security-Policy	child-src blob: 'self' .hellosign.com; connect-src https: wss: .ably.io; default-src 'self'; font-src 'self' data: https:; frame-ancestors sandbox.croco-dial.net omni.bbdtel.com cds.croco-dial.net clever.ucontactcloud.com tty.croco-dial.net ucontactcloud.com; frame-src api.cobrowse.io app.hellosign.com app.powerbi.com omni.bbdtel.com cdn.plaid.com cdn.yodlee.com cds.croco-dial.net chirp.digital clever.ucontactcloud.com cobrowse.io faq.hellosign.com fl4.prod.yodlee.com lendmate.com ninjafetch.com plaid.com sandbox.croco-dial.net 'self' tty.croco-dial.net ucontactcloud.com verify-sandbox.plaid.com verify.plaid.com widget.happyfoxchat.com www.google.com yodlee.com; img-src blob: data: https: 'unsafe-inline'; script-src https: localhost 'unsafe-eval' 'unsafe-inline'; style-src https: localhost 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	Deny, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://app.galtcredit.com/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:23:19 GMT
content-security-policy: child-src blob: 'self' *.hellosign.com; connect-src https: wss: *.ably.io; default-src 'self'; font-src 'self' data: https:; frame-ancestors sandbox.croco-dial.net omni.bbdtel.com cds.croco-dial.net clever.ucontactcloud.com tty.croco-dial.net ucontactcloud.com; frame-src api.cobrowse.io app.hellosign.com app.powerbi.com omni.bbdtel.com cdn.plaid.com cdn.yodlee.com cds.croco-dial.net chirp.digital clever.ucontactcloud.com cobrowse.io faq.hellosign.com fl4.prod.yodlee.com lendmate.com ninjafetch.com plaid.com sandbox.croco-dial.net 'self' tty.croco-dial.net ucontactcloud.com verify-sandbox.plaid.com verify.plaid.com widget.happyfoxchat.com www.google.com yodlee.com; img-src blob: data: https: 'unsafe-inline'; script-src https: localhost 'unsafe-eval' 'unsafe-inline'; style-src https: localhost 'unsafe-inline'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 13 Jul 2024 19:58:46 GMT
server: nginx
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: Deny, SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, must-revalidate, private, public
expires: Mon, 25 Aug 2025 07:23:19 GMT

GET
H2 200 app.e79ba064.js Show response
app.galtcredit.com/build/assets/ 808 KB
210 KB 234ms
233ms Script
application/javascript 3.18.164.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.galtcredit.com/build/assets/app.e79ba064.js

Requested by

Host: app.galtcredit.com
URL: https://app.galtcredit.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.18.164.151 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-164-151.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f2701ccc8158a8370ac31e27d76a5ea907b926016fd97f1a78fe019d65390db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.galtcredit.com/login
Origin: https://app.galtcredit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Aug 2024 18:00:59 GMT
server: nginx
etag: W/"66c8ce5b-c9e3c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

OPTIONS
H2 200 /
sessions.bugsnag.com/ 0
0 209ms
158ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://app.galtcredit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 25 Aug 2024 07:23:19 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
88 B 158ms
157ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: app.galtcredit.com
URL: https://app.galtcredit.com/build/assets/app.e79ba064.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://app.galtcredit.com/
Bugsnag-Sent-At: 2024-08-25T07:23:19.667Z
Bugsnag-Api-Key: dddb0175f3639f6a3e02d481486ec05f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 25 Aug 2024 07:23:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 favicon.ico
app.galtcredit.com/ 15 KB
6 KB 117ms
117ms Other
image/x-icon 3.18.164.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.galtcredit.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.18.164.151 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-164-151.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

998bc937cd2fee1c0879a7b4da765d103110f51a9285980260475b0528390b48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.galtcredit.com/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 07:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2024 20:02:33 GMT
server: nginx
etag: W/"66c647d9-3c2e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app.galtcredit.com/	1970-01-20 23:02:57	Name: XSRF-TOKEN Value: eyJpdiI6IlQ0eTMrS1gva0tudXJKSk5WTkNDQkE9PSIsInZhbHVlIjoiOE9vNmNJYVFkSDdqRTdHQUhzeVg5cmpTQmtLZndBS1lGR2RxeHZLd2NaQXJMVE1pL25GOUc1aE8wMzJ0NEt2RFRkeW1nNE5XcHFKaFpTN1NSQXJXRnpNeXA2UWVzMVd2VGRmYU9FMmNSZWdOZ0JOM0xka3BmS0tlenpQTlM4TEIiLCJtYWMiOiI4ODYyOTE5MWJhYzM1NWRkMDBiN2IyMDc4Y2RjNGU5OTQ5MWYwYWUyYTAwZjRiNDQwODMzZTk5YTlkNDYyYjRiIiwidGFnIjoiIn0%3D
			app.galtcredit.com/	1970-01-20 23:02:57	Name: appgaltcreditcom_session Value: eyJpdiI6InUwRzh6eVdXNEdkbGxvc05YQTBrM3c9PSIsInZhbHVlIjoiblhlWnZJRktGUmh2V3VnUlAyMktrNEgvWU5tKzk5RFlhSXgzSVByWUw4VmFVZHQzcTVJM1JYMnR1RkRKbURZYko1WE1HUHVvaENsbTQ3dEFrMlYzTkNWTDNIR3FEYkM1VzczSTNPYjdyZDU3R3dNcnUzYjMwM3lKREYvSmVRLysiLCJtYWMiOiJlODQ2ODhhYzgxNmFiNDJlNjkxZDk5NGIxZDlmNTAxNmI1ZmU2ODI2ZjYzZWEyMjE5YWE0ZTU3ZjhiOGFlOTg3IiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://app.galtcredit.com/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	child-src blob: 'self' .hellosign.com; connect-src https: wss: .ably.io; default-src 'self'; font-src 'self' data: https:; frame-ancestors sandbox.croco-dial.net omni.bbdtel.com cds.croco-dial.net clever.ucontactcloud.com tty.croco-dial.net ucontactcloud.com; frame-src api.cobrowse.io app.hellosign.com app.powerbi.com omni.bbdtel.com cdn.plaid.com cdn.yodlee.com cds.croco-dial.net chirp.digital clever.ucontactcloud.com cobrowse.io faq.hellosign.com fl4.prod.yodlee.com lendmate.com ninjafetch.com plaid.com sandbox.croco-dial.net 'self' tty.croco-dial.net ucontactcloud.com verify-sandbox.plaid.com verify.plaid.com widget.happyfoxchat.com www.google.com yodlee.com; img-src blob: data: https: 'unsafe-inline'; script-src https: localhost 'unsafe-eval' 'unsafe-inline'; style-src https: localhost 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	Deny SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.galtcredit.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
rsms.me
sessions.bugsnag.com
totality-lyc-media.s3.us-east-2.amazonaws.com
2600:1901:0:7a0b::
2606:4700:3038::6815:eaea
2606:4700::6811:190e
2606:4700::6812:ba1f
3.18.164.151
3.5.131.121
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
2d566ae44bbf7578fa79ed2a2c195b9f61dd927b68ad1f3aeff42fbf5f0c8ee1
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be
5ef81889e29b0418b025705e23ac561c80572b88c882b700f9ce2097048c02d6
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
998bc937cd2fee1c0879a7b4da765d103110f51a9285980260475b0528390b48
a9d7fefffaccc87efe15fb597bdd67e8201854c51f1cd57bb2f19a2fe39a4d7d
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
dacc69f7eb21440e4b331ce1831f9fa5e40f218d995a005db789a9e55d989fe1
f2701ccc8158a8370ac31e27d76a5ea907b926016fd97f1a78fe019d65390db2
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

app.galtcredit.com Open in urlscan Pro 3.18.164.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

6 IPs

1 Countries

480 kBTransfer

1847 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

app.galtcredit.com Open in urlscan Pro
3.18.164.151 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

480 kB
Transfer

1847 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions