rac.safetyfirst.com Open in urlscan Pro
2606:4700:20::681a:487 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rac.safetyfirst.com/
Submission: On October 12 via automatic, source certstream-suspicious (October 12th 2023, 6:43:26 pm UTC) — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 2606:4700:20::681a:487, located in United States and belongs to CLOUDFLARENET, US. The main domain is rac.safetyfirst.com.
TLS certificate: Issued by E1 on October 12th 2023. Valid for: 3 months.

This is the only time rac.safetyfirst.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	2606:4700:20:... 2606:4700:20::681a:487		13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	1

9 2606:4700:20::681a:487 (United States)

ASN13335 (CLOUDFLARENET, US)

rac.safetyfirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	safetyfirst.com rac.safetyfirst.com	148 KB
9	1

	Domain	Requested by
9	rac.safetyfirst.com	rac.safetyfirst.com
9	1

This site contains no links.

Subject Issuer	Validity	Valid
rac.safetyfirst.com E1	`2023-10-12` - `2024-01-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rac.safetyfirst.com/
Frame ID: 8D344AABF6BE328A0EA37A2D34DCBEBA
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rent-A-Center eDriverFile - Login Page

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

148 kB
Transfer

196 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response rac.safetyfirst.com/	4 KB 2 KB	473ms 403ms	Document text/html	2606:4700:20::681a:487 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rac.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:487 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `106f599454d1b0cf5a50e87e8dbd561ddbc5b9ff3526c26c2bb717bb43782aa4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private cf-cache-status DYNAMIC cf-ray 81517ce6087837e8-FRA content-encoding br content-type text/html date Thu, 12 Oct 2023 18:43:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFzfJrLnLQnzk9R7Ul8K4zqgSAHa5c0s5FhIj2gVEbfMJjWm8ljPSAObpSL2vQlJ577NlQIhY3tqSfBfHGDBO%2FVjH3kKaNK%2FpmxfjylV4Ozgqi7zLjy2gXn%2BJY5zYZwUSWohpmPgTugI5rgeRWEV9lw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by ASP.NET
GET H2	200	jquery.js Show response rac.safetyfirst.com/javascript/	70 KB 25 KB	579ms 579ms	Script application/javascript	2606:4700:20::681a:487 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rac.safetyfirst.com/javascript/jquery.js Requested by Host: rac.safetyfirst.com URL: https://rac.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:487 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59` Request headers accept-language de-DE,de;q=0.9 Referer https://rac.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:43:21 GMT content-encoding br cf-cache-status MISS last-modified Sat, 23 Jun 2012 07:02:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4b76bb31e51cd1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMj%2B%2FYUAtXTWY3NuFJNFaZiIMZM9eKeNb5Ux4YKWUXzYjmAPDrUwU2UI%2FjjI%2BUCDtfCOGdZ0thDJ83TArZrOEEDNF11SheNpZpNPpA7Y%2F%2FyZQDWGpX8rZ8I89GG8JlzxxXYIMs8xR6%2FyMDqPqknWDn0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 81517ce89c4237e8-FRA
GET H2	200	common.js Show response rac.safetyfirst.com/javascript/	5 KB 2 KB	402ms 402ms	Script application/javascript	2606:4700:20::681a:487 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rac.safetyfirst.com/javascript/common.js Requested by Host: rac.safetyfirst.com URL: https://rac.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:487 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `8d286fbe3b60db73f2b611e8c23dda63433868c97df2cc07a244e1a40d9b12a5` Request headers accept-language de-DE,de;q=0.9 Referer https://rac.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:43:21 GMT content-encoding br cf-cache-status MISS last-modified Wed, 11 Apr 2018 15:50:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3228abd9acd1d31:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6bSl3zyApEi2ddSKlzPFIe1OLztfEu0S%2BlMpNkrUAhZy%2FmKMwKQ0mAuEZZvhaN7fzax57feVCIhba%2Bf3FX1i11fU6opcdahdHBKTFY6AR4X4t8O7HlZk%2F0Y2sQfz2aRuDm7xJEq0pDKfi9yUodhXdE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 81517ce89c4337e8-FRA
GET H2	200	refresh.jpg rac.safetyfirst.com/images/	5 KB 6 KB	403ms 403ms	Image image/jpeg	2606:4700:20::681a:487 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rac.safetyfirst.com/images/refresh.jpg Requested by Host: rac.safetyfirst.com URL: https://rac.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:487 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `6b21dbfb9cd8ed1aec865564fc5f72066b3173680bbc9ed2f0b477b18e1f754c` Request headers accept-language de-DE,de;q=0.9 Referer https://rac.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:43:21 GMT cf-cache-status MISS last-modified Tue, 24 Mar 2009 22:00:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "ee4425f5cbacc91:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HY7wNag2%2FF1aRs5xliSXyHzNbw5Q9c1rIZXBgCHU0p6rmikU%2BOD3TRKKGVYAVZM4q4XL6OVkC9t1imzvFcdnlmk2EVD2fm1ueUCEQ87xkLkznb98HxQjkN3SE5hqYCmZVaAXynkF3WoUFOk9zHm9UU%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81517ceb18a837e8-FRA content-length 5563
GET H2	200	homeg.jpg rac.safetyfirst.com/images/	2 KB 3 KB	400ms 399ms	Image image/jpeg	2606:4700:20::681a:487 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rac.safetyfirst.com/images/homeg.jpg Requested by Host: rac.safetyfirst.com URL: https://rac.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:487 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `473e583318d24cc0a1ac0390c8842c570bd623d693133e4bca25eca14ba9ee68` Request headers accept-language de-DE,de;q=0.9 Referer https://rac.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:43:22 GMT cf-cache-status MISS last-modified Thu, 23 Apr 2009 12:21:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "b3957f7dc4c91:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VS3RrKw7OSYDqXcTL82wa5iayIz53dSivAiqoW%2FU%2BecsrmBMi1BHz3wv28xMMCJxIIxkRtP40RDtXU39ZNc9l3GWBusKZz3Bb9vgyeQf0s4tTx%2F%2BtVuaVUqZX4pkaOh56tXh4K%2BJxLHgN05utNqQ0ds%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81517cec3ae637e8-FRA content-length 2336
GET H2	200	printer.jpg rac.safetyfirst.com/images/	5 KB 6 KB	401ms 400ms	Image image/jpeg	2606:4700:20::681a:487 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rac.safetyfirst.com/images/printer.jpg Requested by Host: rac.safetyfirst.com URL: https://rac.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:487 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `43823034edfffa87297e2a2bb7cd90af3d06c3ff167413a64732354c7370af5c` Request headers accept-language de-DE,de;q=0.9 Referer https://rac.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:43:22 GMT cf-cache-status MISS last-modified Tue, 24 Mar 2009 22:04:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7cce9689ccacc91:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofAdpaGcAjZ9DURhvu%2FKwnBcdS20BWzIevjOLJoXjGLGRETxnFW5OmuCwF6mqvPqrsHCUlaBm%2F05PzMr0vwH%2BQ94dgL7DYzV%2F%2FF7P4pywTDiq%2BdlY18KHEtTbau2zGurredgVZwy2m85imf7%2FOeyM1I%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81517cec6b2b37e8-FRA content-length 5593
GET H2	200	help.jpg rac.safetyfirst.com/images/	6 KB 6 KB	403ms 402ms	Image image/jpeg	2606:4700:20::681a:487 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rac.safetyfirst.com/images/help.jpg Requested by Host: rac.safetyfirst.com URL: https://rac.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:487 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `49029c391aa67e3f2bb4e10f430f860e410c28040720f2ffb381938f51a1f2cc` Request headers accept-language de-DE,de;q=0.9 Referer https://rac.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:43:22 GMT cf-cache-status MISS last-modified Tue, 16 Jun 2009 14:30:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6992f4ff8eeec91:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQww7bTh15eULKl32g%2F41vUacQho8sWd7FprZKhTX2m3MHpTM1EAyDZrUsMJxrQfumzsihYxbp%2FtIWdPsQCT55DUqCpfnOuz8i3WTrz89Ks5AB5P5reX%2BKMCg7Z8KYmShaVhMIQJBZNqAOB%2BHAdTovU%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81517cec6b3037e8-FRA content-length 5899
GET H2	200	logoutg.jpg rac.safetyfirst.com/images/	2 KB 2 KB	402ms 401ms	Image image/jpeg	2606:4700:20::681a:487 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rac.safetyfirst.com/images/logoutg.jpg Requested by Host: rac.safetyfirst.com URL: https://rac.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:487 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `da79ab90d4d3d9b77c93f0537831c7ff97b0ca6c311135257bd20afd50762ea9` Request headers accept-language de-DE,de;q=0.9 Referer https://rac.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:43:22 GMT cf-cache-status MISS last-modified Wed, 15 Jul 2009 15:00:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "f055e1f05c5ca1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omp7pCCCn3KNYLmyKgTGqkXuUOOQFPnBtIC7Gg%2Fr6KS4RGYiNjFeW7N8%2Fhwdd%2Bnu%2FXu4FwsvYvyJ5dPZaMh6DCX%2BAl39YzpmKzpSi83BTUXW9Ta3EOWZ4AOHskoteJEZWBEkQNUinL%2BVPFdTF8%2BbiK4%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81517cec6b3237e8-FRA content-length 2212
GET H2	200	rac3.png rac.safetyfirst.com/images/	96 KB 96 KB	584ms 584ms	Image image/png	2606:4700:20::681a:487 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rac.safetyfirst.com/images/rac3.png Requested by Host: rac.safetyfirst.com URL: https://rac.safetyfirst.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:487 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `a801553aac1aae074d2332297a63d4f6198eea7dbb1b54d049063fd51357f6a3` Request headers accept-language de-DE,de;q=0.9 Referer https://rac.safetyfirst.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:43:22 GMT cf-cache-status MISS last-modified Thu, 13 Feb 2020 18:40:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "05e54199de2d51:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rovx%2BS9BjGO1qzoySodBIT1Avy2N%2Bo0gs0A7DYtKyPtJ%2F1oRKHScd7xo7F3pxxgjmYLQ1I37GD7FYqHyMt5pAwOyHyJC%2BgAQ33ltfgu0O2%2FfyMXN9LSu6XR%2FIkXSaX9UZwURWKgN2Bt%2Fbartk9ct0q8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 81517cec6b3337e8-FRA content-length 97843

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rac.safetyfirst.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSWCTRTBR Value: JHPDPOBANONKEHEKNBDJOGDC

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	info	URL: https://rac.safetyfirst.com/ Message: Autofocus processing was blocked because a document already has a focused element.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rac.safetyfirst.com
2606:4700:20::681a:487
106f599454d1b0cf5a50e87e8dbd561ddbc5b9ff3526c26c2bb717bb43782aa4
43823034edfffa87297e2a2bb7cd90af3d06c3ff167413a64732354c7370af5c
473e583318d24cc0a1ac0390c8842c570bd623d693133e4bca25eca14ba9ee68
49029c391aa67e3f2bb4e10f430f860e410c28040720f2ffb381938f51a1f2cc
6b21dbfb9cd8ed1aec865564fc5f72066b3173680bbc9ed2f0b477b18e1f754c
8d286fbe3b60db73f2b611e8c23dda63433868c97df2cc07a244e1a40d9b12a5
a801553aac1aae074d2332297a63d4f6198eea7dbb1b54d049063fd51357f6a3
da79ab90d4d3d9b77c93f0537831c7ff97b0ca6c311135257bd20afd50762ea9
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

rac.safetyfirst.com Open in urlscan Pro 2606:4700:20::681a:487 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

148 kBTransfer

196 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

rac.safetyfirst.com Open in urlscan Pro
2606:4700:20::681a:487 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

148 kB
Transfer

196 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions