forsales.rf.gd Open in urlscan Pro
185.27.134.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://forsales.rf.gd/
Effective URL:
http://forsales.rf.gd/?i=1
Submission: On March 15 via manual (March 15th 2021, 2:41:00 pm UTC) from IL

Summary HTTP 88 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 88 HTTP transactions. The main IP is 185.27.134.153, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is forsales.rf.gd.

This is the only time forsales.rf.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	185.27.134.153 185.27.134.153	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
1	13.226.159.90 13.226.159.90	16509 (AMAZON-02) (AMAZON-02)
1	104.26.8.174 104.26.8.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
25	2a02:26f0:f1:... 2a02:26f0:f1::48f7:b38a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.79.133.184 23.79.133.184	16625 (AKAMAI-AS) (AKAMAI-AS)
2	88.221.196.217 88.221.196.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
88	9

44 185.27.134.153 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

forsales.rf.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-90.dus51.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.8.174 (United States)

ASN13335 (CLOUDFLARENET, US)

infinityfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:26f0:f1::48f7:b38a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.133.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-133-184.deploy.static.akamaitechnologies.com

c.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.196.217 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-196-217.deploy.static.akamaitechnologies.com

a.sfdcstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	rf.gd forsales.rf.gd	746 KB
26	salesforce.com www.salesforce.com Failed c.salesforce.com	498 KB
2	sfdcstatic.com a.sfdcstatic.com	150 KB
2	googletagmanager.com www.googletagmanager.com	171 KB
2	onetrust.com geolocation.onetrust.com	883 B
1	company-target.com api.company-target.com	1 KB
1	infinityfree.net infinityfree.net Failed
88	7

	Domain	Requested by
44	forsales.rf.gd	forsales.rf.gd
25	www.salesforce.com	forsales.rf.gd c.salesforce.com www.salesforce.com
2	a.sfdcstatic.com	c.salesforce.com a.sfdcstatic.com
2	www.googletagmanager.com	forsales.rf.gd c.salesforce.com
2	geolocation.onetrust.com	forsales.rf.gd a.sfdcstatic.com
1	c.salesforce.com	forsales.rf.gd
1	api.company-target.com	forsales.rf.gd
1	infinityfree.net	forsales.rf.gd
88	8

This site contains links to these domains. Also see Links.

Domain
login.salesforce.com
www.salesforce.com

Subject Issuer	Validity	Valid
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.salesforce.com DigiCert Global CA G2	`2020-07-28` - `2022-07-29`	2 years	crt.sh
c.salesforce.com GeoTrust RSA CA 2018	`2020-04-25` - `2021-07-25`	a year	crt.sh
c1.sfdcstatic.com DigiCert SHA2 Secure Server CA	`2020-06-16` - `2021-06-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://forsales.rf.gd/?i=1
Frame ID: 035AFF9328184FBCF672CD6D44378549
Requests: 15 HTTP requests in this frame

Frame: https://c.salesforce.com/login-messages/eu/promos.html
Frame ID: ECC425252B7A85208E97CE6127580C49
Requests: 70 HTTP requests in this frame

Frame: http://forsales.rf.gd/Login%20_%20Salesforce_files/sessionserver212.html
Frame ID: 4FD2B710A6F0A2239D37792C15DD784E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://forsales.rf.gd/ Page URL
http://forsales.rf.gd/?i=1 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

88
Requests

38 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

1566 kB
Transfer

5346 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://login.salesforce.com/secur/forgotpassword.jsp?locale=eu&lqs=locale%3Deu
Title: Forgot Your Password?

Search URL Search Domain Scan URL

URL: https://www.salesforce.com/eu/form/trial/freetrial.jsp?d=70130000000DYtg
Title: Try for Free

Search URL Search Domain Scan URL

URL: https://www.salesforce.com/eu/company/privacy
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://forsales.rf.gd/ Page URL
http://forsales.rf.gd/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://forsales.rf.gd/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff2 HTTP 302
https://infinityfree.net/errors/404/

Request Chain 15

http://forsales.rf.gd/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff HTTP 302
https://infinityfree.net/errors/404/

Request Chain 44

http://forsales.rf.gd/wbin/www-core/f/g?analytics=true HTTP 302
https://infinityfree.net/errors/404/

Request Chain 46

http://forsales.rf.gd/Login%20_%20Salesforce_files/8e783e8c-0ad0-475d-8fca-4a03afa0a02a/en.json HTTP 302
https://infinityfree.net/errors/404/

Request Chain 50

http://www.salesforce.com/content/dam/web/en_us/www/images/login-promos/customer-login-df2u-bg.png HTTP 307
https://www.salesforce.com/content/dam/web/en_us/www/images/login-promos/customer-login-df2u-bg.png

Request Chain 51

http://forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff2 HTTP 302
https://infinityfree.net/errors/404/

Request Chain 52

http://forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Light.woff2 HTTP 302
https://infinityfree.net/errors/404/

Request Chain 53

http://forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff HTTP 302
https://infinityfree.net/errors/404/

Request Chain 54

http://forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Light.woff HTTP 302
https://infinityfree.net/errors/404/

Request Chain 55

http://forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf HTTP 302
https://infinityfree.net/errors/404/

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
forsales.rf.gd/ 825 B
825 B 108ms
76ms Document
text/html 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: b317d4917a3609c193769e921e7f7cbee3aa6006a17d992429d4885d6e9e8162

Request headers

Host: forsales.rf.gd
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Mon, 15 Mar 2021 14:40:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H/1.1 200
OK aes.js Show response
forsales.rf.gd/ 30 KB
31 KB 46ms
46ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/aes.js
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc

Request headers

Referer: http://forsales.rf.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:32 GMT
Last-Modified: Sat, 08 Aug 2015 08:12:23 GMT
Server: nginx
ETag: "55c5b9e7-79e6"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31206

GET
H/1.1 200
OK Primary Request / Show response
forsales.rf.gd/ 13 KB
5 KB 86ms
85ms Document
text/html 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/?i=1
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 414cebf2307f1f10406fbedd9fea5ab109856a60bc85139136c0b2d9d6e8a7b9

Request headers

Host: forsales.rf.gd
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://forsales.rf.gd/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __test=0de8ba2a0e46d178325b1f82dee5519f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://forsales.rf.gd/

Response headers

Server: nginx
Date: Mon, 15 Mar 2021 14:40:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 15 Mar 2021 11:48:20 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Wed, 14 Apr 2021 14:40:32 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK sfdc_210.css
forsales.rf.gd/Login%20_%20Salesforce_files/ 15 KB
4 KB 51ms
51ms Stylesheet
text/css 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/sfdc_210.css
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6effaae73ce83316d1356ea984e417519743bce7a23982f053b1b8ec82135dae

Request headers

Referer: http://forsales.rf.gd/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 14 Apr 2021 14:40:32 GMT

GET
H/1.1 200
OK SfdcSessionBase208.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ 16 KB
7 KB 122ms
105ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/SfdcSessionBase208.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: b77235b3019fb2cbfa81aa3ab3310b5ed4e09e28085ae21768d6cf4e9411273a

Request headers

Referer: http://forsales.rf.gd/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:32 GMT

GET
H/1.1 200
OK LoginHint208.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ 19 KB
7 KB 117ms
99ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/LoginHint208.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: f9cd7471411fc60aeb59674805af6eab010b8a058cbf4f3a9640a852cdeb424b

Request headers

Referer: http://forsales.rf.gd/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:32 GMT

GET
H/1.1 200
OK logo214.svg
forsales.rf.gd/Login%20_%20Salesforce_files/ 7 KB
7 KB 154ms
113ms Image
image/svg+xml 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/logo214.svg
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: a48f997fa23140662c20f7a46e93cefcef071fbf81ce038067582f2d822d86d5

Request headers

Referer: http://forsales.rf.gd/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:32 GMT
Last-Modified: Mon, 15 Mar 2021 11:48:04 GMT
Server: nginx
Content-Type: image/svg+xml
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6696
Expires: Mon, 15 Mar 2021 14:40:32 GMT

GET
H/1.1 200
OK clear.png
forsales.rf.gd/Login%20_%20Salesforce_files/ 477 B
810 B 154ms
103ms Image
image/png 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/clear.png
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: dd464055be78eadee2d5d3ecc5380600b788883e462d9e77372877dc04110e6d

Request headers

Referer: http://forsales.rf.gd/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:32 GMT
Last-Modified: Mon, 15 Mar 2021 11:47:58 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 477
Expires: Wed, 14 Apr 2021 14:40:32 GMT

GET
H/1.1 200
OK capslock_blue.png
forsales.rf.gd/Login%20_%20Salesforce_files/ 559 B
892 B 149ms
49ms Image
image/png 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/capslock_blue.png
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 02c47d1fb4a92fd6eca59ed828b0d0d7a8ef8285688bd27f36b1e003ffa9a52c

Request headers

Referer: http://forsales.rf.gd/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:32 GMT
Last-Modified: Mon, 15 Mar 2021 11:47:57 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 559
Expires: Wed, 14 Apr 2021 14:40:32 GMT

GET
H/1.1 200
OK baselogin.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ 640 B
779 B 49ms
48ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/baselogin.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: b7969e630336eef9c5e7c4dfdf863f0d34d0b2dc67a068080cf7807d23adcf94

Request headers

Referer: http://forsales.rf.gd/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:47:57 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:32 GMT

GET
H/1.1 200
OK 1386 Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ 5 KB
5 KB 54ms
54ms Script
text/plain 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/1386
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 42a531dce996297d2a03cb33044b36408821072ad24b9477a237bd8a3ed6ebf7

Request headers

Referer: http://forsales.rf.gd/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:32 GMT
Last-Modified: Mon, 15 Mar 2021 11:47:53 GMT
Server: nginx
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4753
Expires: Mon, 15 Mar 2021 14:40:32 GMT

GET
H/1.1 200
OK 1386(1) Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ 18 KB
18 KB 152ms
151ms Script
text/plain 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/1386(1)
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6e254c656a029b64c10f320cb325858bc578c94d7a6ec1e5703ba03abb6738c0

Request headers

Referer: http://forsales.rf.gd/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:32 GMT
Last-Modified: Mon, 15 Mar 2021 11:47:53 GMT
Server: nginx
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18331
Expires: Mon, 15 Mar 2021 14:40:32 GMT

GET
H/1.1 200
OK promos.html Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 185 KB
37 KB 347ms
331ms Document
text/html 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: a4c43c319c5d2cf401c0dd8ac9925fbcb8c68e59601357fe5a2293067ec63627

Request headers

Host: forsales.rf.gd
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://forsales.rf.gd/?i=1
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __test=0de8ba2a0e46d178325b1f82dee5519f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://forsales.rf.gd/?i=1

Response headers

Server: nginx
Date: Mon, 15 Mar 2021 14:40:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 15 Mar 2021 11:48:05 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Wed, 14 Apr 2021 14:40:32 GMT
Content-Encoding: gzip

GET

/
infinityfree.net/errors/404/
Redirect Chain

http://forsales.rf.gd/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff2
https://infinityfree.net/errors/404/

0
0

GET
H/1.1 200
OK sessionserver212.html Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame 4FD2 337 B
630 B 84ms
83ms Document
text/html 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/sessionserver212.html
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 98e60d06338019ad0574576a9058d06f72d8818c428fe49cd988743d3af579c1

Request headers

Host: forsales.rf.gd
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://forsales.rf.gd/?i=1
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __test=0de8ba2a0e46d178325b1f82dee5519f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://forsales.rf.gd/?i=1

Response headers

Server: nginx
Date: Mon, 15 Mar 2021 14:40:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 15 Mar 2021 11:48:06 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Wed, 14 Apr 2021 14:40:32 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK SessionServer212.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame 4FD2 28 KB
10 KB 106ms
105ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/SessionServer212.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/sessionserver212.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4d4d419ece50d3ea60e9f2231032990b733e00864464849574cfdfa2d3d32bcc

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/sessionserver212.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:06 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:32 GMT

GET

/
infinityfree.net/errors/404/
Redirect Chain

http://forsales.rf.gd/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff
https://infinityfree.net/errors/404/

0
0

GET
H/1.1 200
OK gtm.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 355 KB
98 KB 647ms
644ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/gtm.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: b1513134818551644769c92221dcc0d750ab01019db151aa2b6ccec625fea90b

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:02 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK jquery.min.772fb04d4ce536dfb06c17e789ad4dbd.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 111 KB
43 KB 248ms
244ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/jquery.min.772fb04d4ce536dfb06c17e789ad4dbd.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: b397476bcbcf8c9eae3f82007cc4f9495661b367e02e6d3dea6e15f0610ef20a

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:03 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK utils.min.a53a609d64abb59ba4017351854c46d0.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 10 KB
4 KB 67ms
63ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/utils.min.a53a609d64abb59ba4017351854c46d0.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: c3f71d542656fa0835d15106408ec065d630c8bc05078915d8b58202ba28956e

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:08 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK granite.min.e67470fde615e2d442e08aad300a8905.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 4 KB
2 KB 66ms
62ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/granite.min.e67470fde615e2d442e08aad300a8905.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0c004a8bc2e2b97498e70c2e4cd25caac120fd9b9dc75446d5e3867e741b661c

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:01 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK jquery.min.dd9b395c741ce2784096e26619e14910.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 16 B
303 B 54ms
50ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/jquery.min.dd9b395c741ce2784096e26619e14910.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Last-Modified: Mon, 15 Mar 2021 11:48:03 GMT
Server: nginx
Content-Type: application/javascript
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK modern.min.3a0ad4c7614495b1cae264dfcb9b9813.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 34 KB
13 KB 165ms
96ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/modern.min.3a0ad4c7614495b1cae264dfcb9b9813.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 355604a949ef95ceffcd21a7e9b5ed27c95d847f95127e0ddad5aa1793f1bb74

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK clientlibs_analytics_login_top.min.8a963051768f1ee0be822df84a226fe2.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 26 KB
10 KB 201ms
97ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/clientlibs_analytics_login_top.min.8a963051768f1ee0be822df84a226fe2.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: d4d5be5c2a7d58433177e3fcc9e8553eb1da447d9093f4c63780efb6c6fa7015

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:47:59 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK 8e783e8c-0ad0-475d-8fca-4a03afa0a02a.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 375 KB
100 KB 809ms
693ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/8e783e8c-0ad0-475d-8fca-4a03afa0a02a.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1251aae34ff7c09bfa2965df48b5188ac9166a239976501f80d17921ce136c96

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:47:55 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK location Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 184 B
434 B 52ms
50ms Script
text/plain 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/location
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2fccaeb8a9209fdfc0326d46a67b92259c0c71dbc54e16d193e82ea6154599d2

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:34 GMT
Last-Modified: Mon, 15 Mar 2021 11:48:03 GMT
Server: nginx
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 184
Expires: Mon, 15 Mar 2021 14:40:34 GMT

GET
H/1.1 200
OK clientlibs_onetrust.min.0d4ae6f336cc81eb0a6d5115d3c70964.css
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 14 KB
3 KB 102ms
48ms Stylesheet
text/css 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/clientlibs_onetrust.min.0d4ae6f336cc81eb0a6d5115d3c70964.css
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 96658352b0162515657d0d82bc4b29acc7f486529ccea7b5600ddbe4803f6724

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:47:59 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 14 Apr 2021 14:40:33 GMT

GET
H/1.1 200
OK all.bundle.e09950eff7a63a67f9fc.css
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 632 KB
103 KB 109ms
54ms Stylesheet
text/css 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/all.bundle.e09950eff7a63a67f9fc.css
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: cdb4e9d4d225bc286abbdd847ccaa207f8afcf38ab9addbaa27826699ecb4e45

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:47:57 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 14 Apr 2021 14:40:33 GMT

GET
H/1.1 200
OK sfdc-liveChat.bundle.e09950eff7a63a67f9fc.css
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 9 KB
3 KB 114ms
48ms Stylesheet
text/css 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/sfdc-liveChat.bundle.e09950eff7a63a67f9fc.css
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: a585ce7410a54b3f6e9379a057927a0151ffeb14465799bb20dc2b29986e1eb2

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 14 Apr 2021 14:40:33 GMT

GET
H/1.1 200
OK clientlibs_www_tags.min.49c634c0df8e725801cecc00b8a87f20.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 1 KB
907 B 223ms
54ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/clientlibs_www_tags.min.49c634c0df8e725801cecc00b8a87f20.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 776e011700a430a8fd3cda23ce96ef30c6da4a54c308abec4c0ec2f8d6941a49

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:00 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK webpack-script-manifest-config-js.bundle.36a21d4ea857cadfa264.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 2 KB
1 KB 260ms
57ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/webpack-script-manifest-config-js.bundle.36a21d4ea857cadfa264.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1f28a176d797a079288f5b2459a513eecb6f7953ecd7f6359dd9e8ca3a48bbae

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:11 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK vendors_webpack-script-manifest-SfdcWwwBaseCnc-js_webpack-script-manifest-commonlyUsed-js.bundle.36a21d4ea857cadfa264.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 141 KB
47 KB 530ms
319ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/vendors_webpack-script-manifest-SfdcWwwBaseCnc-js_webpack-script-manifest-commonlyUsed-js.bundle.36a21d4ea857cadfa264.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 708615b9e9c30cae15058f9e574222089486620a84f5ad87466c72cb14b3df5b

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:10 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK webpack-script-manifest-SfdcWwwBaseCnc-js_webpack-script-manifest-commonlyUsed-js_webpack-script-man_30a1d5be.bundle.36a21d4ea857cadfa264.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 16 KB
5 KB 302ms
79ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/webpack-script-manifest-SfdcWwwBaseCnc-js_webpack-script-manifest-commonlyUsed-js_webpack-script-man_30a1d5be.bundle.36a21d4ea857cadfa264.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 85b2446757ca1d6ac289ae8e8f0a500960d6e6d59932089fbe9f35fe91eab7a6

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:11 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK webpack-script-manifest-commonlyUsed-js.bundle.36a21d4ea857cadfa264.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 40 KB
15 KB 403ms
143ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/webpack-script-manifest-commonlyUsed-js.bundle.36a21d4ea857cadfa264.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6e83fadec6902c1b3a22ec0ef06c05fa2b73bb4479fd83a8b4312a126409d898

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:11 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK spacer.gif
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 43 B
375 B 51ms
49ms Image
image/gif 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/spacer.gif
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:34 GMT
Last-Modified: Mon, 15 Mar 2021 11:48:08 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 14 Apr 2021 14:40:34 GMT

GET
H/1.1 200
OK EN-DF2U-Logo-Eyebrow.png
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 8 KB
8 KB 52ms
51ms Image
image/png 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/EN-DF2U-Logo-Eyebrow.png
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3743c2f92ebed343f20416fa363d005bcda699a0b8d4380c417a99ad4928e35

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:34 GMT
Last-Modified: Mon, 15 Mar 2021 11:48:00 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8343
Expires: Wed, 14 Apr 2021 14:40:34 GMT

GET
H/1.1 200
OK df-2020-logo.png
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 32 KB
33 KB 75ms
54ms Image
image/png 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/df-2020-logo.png
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 96ae34219763aaaedd159d6aea49d54357e9a0754157e18f434e6a5a51765f9a

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:34 GMT
Last-Modified: Mon, 15 Mar 2021 11:48:00 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33238
Expires: Wed, 14 Apr 2021 14:40:34 GMT

GET
H/1.1 200
OK vendors_scriptloader_utils.bundle.36a21d4ea857cadfa264.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 13 KB
5 KB 78ms
78ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/vendors_scriptloader_utils.bundle.36a21d4ea857cadfa264.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: f7becd483ffb6036db37eb140255c414bf9ec9e37572194d9111351cbd7fb888

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:09 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK vendors_scriptloader.bundle.36a21d4ea857cadfa264.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 13 KB
6 KB 76ms
76ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/vendors_scriptloader.bundle.36a21d4ea857cadfa264.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6f314f1aecfb61e6b432122d56179b012347cf87c1a6e26e020373d194ee6c67

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:08 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK scriptloader.bundle.36a21d4ea857cadfa264.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 26 KB
6 KB 96ms
96ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/scriptloader.bundle.36a21d4ea857cadfa264.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 48070ea61ed75988d617a2d86a2fcc91cac12aa966432b7f968be58722faafbb

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:06 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK vendors_utils_webpack-script-manifest-SfdcWwwBaseCnc-js_webpack-script-manifest-commonlyUsed-js_webp_8dbeef75.bundle.36a21d4ea857cadfa264.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 16 KB
7 KB 81ms
80ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/vendors_utils_webpack-script-manifest-SfdcWwwBaseCnc-js_webpack-script-manifest-commonlyUsed-js_webp_8dbeef75.bundle.36a21d4ea857cadfa264.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 970dbe7e1823cd7bd5ffb344458c1fc6c484bb85fdd7adbc29d6abc5d9caee5b

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:09 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:33 GMT

GET
H/1.1 200
OK utils.bundle.36a21d4ea857cadfa264.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 16 KB
6 KB 75ms
73ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/utils.bundle.36a21d4ea857cadfa264.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9b8dc734c64cdee08c1432f7a097c44988d9d76afe879f32a9f1e1f1e7e092a5

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:08 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:34 GMT

GET
H/1.1 200
OK clientlibs_analytics_login_bottom.min.1b92732e88e8c833f5bfe2a07718ff47.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 216 KB
75 KB 411ms
409ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/clientlibs_analytics_login_bottom.min.1b92732e88e8c833f5bfe2a07718ff47.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 05e1128d68e417d7515fceb831d28c1377ccac0d3da960fa968027ef72f481b8

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:47:59 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:34 GMT

GET
H/1.1 200
OK VisitorAPI.js.download Show response
forsales.rf.gd/Login%20_%20Salesforce_files/ Frame ECC4 42 KB
16 KB 136ms
136ms Script
application/javascript 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/VisitorAPI.js.download
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5557e57bf1cfc21f10005621fee302da370f1329a4fc0771fa8a686975ec53a8

Request headers

Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 11:48:10 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 15 Mar 2021 14:40:34 GMT

GET
H/1.1 200
OK ip.json Show response
api.company-target.com/api/v2/ Frame ECC4 436 B
1 KB 118ms
94ms XHR
application/json 13.226.159.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://api.company-target.com/api/v2/ip.json?token=09dd7a8bed725339af3ce985f86800730b42b5cf
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/jquery.min.772fb04d4ce536dfb06c17e789ad4dbd.js.download
Protocol: HTTP/1.1
Server: 13.226.159.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-90.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0d24e9923edbf8af778b0e4b424f25f68e5eaf62a395eb7a2242206bf4955b30

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://forsales.rf.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:33 GMT
Identification-Source: CENTRAL
X-Amz-Cf-Pop: DUS51-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Access-Control-Max-Age: 7200
Connection: keep-alive
Request-ID: 5ac976d1-bf15-4c65-b08c-0cb0ee25e00a
Content-Encoding: gzip
Pragma: no-cache
Access-Control-Allow-Origin: http://forsales.rf.gd
Server: nginx
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json;charset=utf-8
Via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Api-Version: v2
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id: Q2ziQgb0v5apinVGKda_8VrRLwbCWfqe8UGrwQTJxLvAyH5IJnJHRA==
Expires: Sun, 14 Mar 2021 14:40:33 GMT

GET

/
infinityfree.net/errors/404/ Frame ECC4
Redirect Chain

http://forsales.rf.gd/wbin/www-core/f/g?analytics=true
https://infinityfree.net/errors/404/

0
0

OPTIONS
H2 405 /
infinityfree.net/errors/404/ Frame 0
0 55ms
55ms Preflight
text/html 104.26.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://infinityfree.net/errors/404/
Protocol: H2
Server: 104.26.8.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: http://forsales.rf.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

GET

/
infinityfree.net/errors/404/ Frame ECC4
Redirect Chain

http://forsales.rf.gd/Login%20_%20Salesforce_files/8e783e8c-0ad0-475d-8fca-4a03afa0a02a/en.json
https://infinityfree.net/errors/404/

0
0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame ECC4 164 B
521 B 39ms
18ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/8e783e8c-0ad0-475d-8fca-4a03afa0a02a.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://forsales.rf.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:34 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 63067f6989692c56-FRA
cf-request-id: 08d7edf5f900002c56e09bd000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame ECC4 355 KB
85 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WRXS6TH

Requested by

Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1150543b116d689b12b4774afa047196c61028abd6ab172fe3799ac28c17c8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://forsales.rf.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87325
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Mar 2021 14:40:34 GMT

GET _jcr_content.personalization.pagemetadata.json
www.salesforce.com/Login%20_%20Salesforce_files/promos/ Frame ECC4 0
0

GET
H2

200

customer-login-df2u-bg.png
www.salesforce.com/content/dam/web/en_us/www/images/login-promos/ Frame ECC4
Redirect Chain

http://www.salesforce.com/content/dam/web/en_us/www/images/login-promos/customer-login-df2u-bg.png
https://www.salesforce.com/content/dam/web/en_us/www/images/login-promos/customer-login-df2u-bg.png

111 KB
112 KB

43ms
17ms

Image
image/png

2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.salesforce.com/content/dam/web/en_us/www/images/login-promos/customer-login-df2u-bg.png

Requested by

Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

351c94453a2b12f8a960b4e139141bbfeeb1383b378fdcb1e137eae137c4c4d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://forsales.rf.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:34 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Mar 2021 23:55:12 GMT
server: Apache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400
content-type: image/png
cache-control: private, max-age=4958081, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 113698
x-content-type-options: nosniff
expires: Tue, 11 May 2021 23:55:15 GMT

Redirect headers

Location: https://www.salesforce.com/content/dam/web/en_us/www/images/login-promos/customer-login-df2u-bg.png
Non-Authoritative-Reason: HSTS

GET

/
infinityfree.net/errors/404/ Frame ECC4
Redirect Chain

http://forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff2
https://infinityfree.net/errors/404/

0
0

GET

/
infinityfree.net/errors/404/ Frame ECC4
Redirect Chain

http://forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Light.woff2
https://infinityfree.net/errors/404/

0
0

GET

/
infinityfree.net/errors/404/ Frame ECC4
Redirect Chain

http://forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff
https://infinityfree.net/errors/404/

0
0

GET

/
infinityfree.net/errors/404/ Frame ECC4
Redirect Chain

http://forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Light.woff
https://infinityfree.net/errors/404/

0
0

GET

/
infinityfree.net/errors/404/ Frame ECC4
Redirect Chain

http://forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf
https://infinityfree.net/errors/404/

0
0

GET
H/1.1 200
OK SalesforceSans-Light.ttf
forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ Frame ECC4 902 B
871 B 47ms
47ms Font
text/html 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://forsales.rf.gd/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Light.ttf
Requested by: Host: forsales.rf.gd
URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/all.bundle.e09950eff7a63a67f9fc.css
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 14d11593463d2322adbb15ef8182d7d1ec08ccccb2bfc48f45525d9f1da1aa8a

Request headers

Origin: http://forsales.rf.gd
Referer: http://forsales.rf.gd/Login%20_%20Salesforce_files/all.bundle.e09950eff7a63a67f9fc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:34 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 promos.html Show response
c.salesforce.com/login-messages/eu/ Frame ECC4 60 KB
6 KB 122ms
38ms Document
text/html 23.79.133.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.salesforce.com/login-messages/eu/promos.html

Requested by

Host: forsales.rf.gd
URL: http://forsales.rf.gd/?i=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.79.133.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-133-184.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4deb3c5b0bd47624fe7d0f59f876d80fcb875224638d510fa47ce1ef8ec7c363

Security Headers

Name	Value
Strict-Transport-Security	maxage=16070400; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: c.salesforce.com
:scheme: https
:path: /login-messages/eu/promos.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://forsales.rf.gd/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://forsales.rf.gd/

Response headers

server: Apache
accept-ranges: bytes
x-mod-pagespeed: active
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=9; IE=8; IE=7; IE=EDGE
content-type: text/html
content-length: 5766
strict-transport-security: maxage=16070400; includeSubdomains; preload
cache-control: no-cache, s-maxage=10
date: Mon, 15 Mar 2021 14:40:35 GMT

GET
H/1.1 200
OK capslock_blue.png
forsales.rf.gd/img/icon/ 851 B
851 B 47ms
46ms Image
text/html 185.27.134.153
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://forsales.rf.gd/img/icon/capslock_blue.png
Protocol: HTTP/1.1
Server: 185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://forsales.rf.gd/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:40:34 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jquery.min.772fb04d4ce536dfb06c17e789ad4dbd.js Show response
www.salesforce.com/etc.clientlibs/clientlibs/granite/ Frame ECC4 111 KB
38 KB 19ms
17ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.clientlibs/clientlibs/granite/jquery.min.772fb04d4ce536dfb06c17e789ad4dbd.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

b397476bcbcf8c9eae3f82007cc4f9495661b367e02e6d3dea6e15f0610ef20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 03:35:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 38305
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 utils.min.a53a609d64abb59ba4017351854c46d0.js Show response
www.salesforce.com/etc.clientlibs/clientlibs/granite/ Frame ECC4 10 KB
4 KB 24ms
22ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.clientlibs/clientlibs/granite/utils.min.a53a609d64abb59ba4017351854c46d0.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

c3f71d542656fa0835d15106408ec065d630c8bc05078915d8b58202ba28956e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 01:56:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 3724
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 granite.min.e67470fde615e2d442e08aad300a8905.js Show response
www.salesforce.com/etc.clientlibs/clientlibs/granite/jquery/ Frame ECC4 4 KB
2 KB 62ms
60ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.e67470fde615e2d442e08aad300a8905.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

0c004a8bc2e2b97498e70c2e4cd25caac120fd9b9dc75446d5e3867e741b661c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 21:05:07 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=31
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1748
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 jquery.min.dd9b395c741ce2784096e26619e14910.js Show response
www.salesforce.com/etc.clientlibs/foundation/clientlibs/ Frame ECC4 16 B
361 B 80ms
78ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.clientlibs/foundation/clientlibs/jquery.min.dd9b395c741ce2784096e26619e14910.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 19:17:02 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=44
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 36
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 modern.min.3a0ad4c7614495b1cae264dfcb9b9813.js Show response
www.salesforce.com/etc.clientlibs/clientlibs/granite/lodash/ Frame ECC4 34 KB
12 KB 62ms
59ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.clientlibs/clientlibs/granite/lodash/modern.min.3a0ad4c7614495b1cae264dfcb9b9813.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

355604a949ef95ceffcd21a7e9b5ed27c95d847f95127e0ddad5aa1793f1bb74

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 21:58:47 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 11784
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 clientlibs_analytics_login_top.min.8a963051768f1ee0be822df84a226fe2.js Show response
www.salesforce.com/etc/clientlibs/sfdc-aem-master/ Frame ECC4 26 KB
9 KB 68ms
66ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_analytics_login_top.min.8a963051768f1ee0be822df84a226fe2.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

d4d5be5c2a7d58433177e3fcc9e8553eb1da447d9093f4c63780efb6c6fa7015

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 19:20:01 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8552
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 8e783e8c-0ad0-475d-8fca-4a03afa0a02a.js Show response
a.sfdcstatic.com/enterprise/salesforce/prod/oneTrust/ Frame ECC4 375 KB
55 KB 152ms
49ms Script
application/x-javascript 88.221.196.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sfdcstatic.com/enterprise/salesforce/prod/oneTrust/8e783e8c-0ad0-475d-8fca-4a03afa0a02a.js
Requested by: Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.196.217 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-196-217.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 1251aae34ff7c09bfa2965df48b5188ac9166a239976501f80d17921ce136c96

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: br
last-modified: Thu, 18 Feb 2021 16:48:40 GMT
server: Akamai Resource Optimizer
etag: "47a4d605c32617a45c022ce2b5596226:1606874469.387041"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=936114
accept-ranges: bytes
content-length: 55730
expires: Fri, 26 Mar 2021 10:42:29 GMT

GET
H2 200 clientlibs_onetrust.min.0d4ae6f336cc81eb0a6d5115d3c70964.css
www.salesforce.com/etc/clientlibs/sfdc-aem-master/ Frame ECC4 14 KB
2 KB 40ms
39ms Stylesheet
text/css 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_onetrust.min.0d4ae6f336cc81eb0a6d5115d3c70964.css

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

96658352b0162515657d0d82bc4b29acc7f486529ccea7b5600ddbe4803f6724

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 15:24:55 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2074
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 all.bundle.e09950eff7a63a67f9fc.css
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame ECC4 632 KB
84 KB 46ms
45ms Stylesheet
text/css 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.bundles/sfdc-www/bundles/all.bundle.e09950eff7a63a67f9fc.css

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

cdb4e9d4d225bc286abbdd847ccaa207f8afcf38ab9addbaa27826699ecb4e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 09:57:33 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 85252
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 sfdc-liveChat.bundle.e09950eff7a63a67f9fc.css
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame ECC4 9 KB
2 KB 54ms
53ms Stylesheet
text/css 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.bundles/sfdc-www/bundles/sfdc-liveChat.bundle.e09950eff7a63a67f9fc.css

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

a585ce7410a54b3f6e9379a057927a0151ffeb14465799bb20dc2b29986e1eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 23:10:23 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2085
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 clientlibs_www_tags.min.49c634c0df8e725801cecc00b8a87f20.js Show response
www.salesforce.com/etc/clientlibs/sfdc-aem-master/ Frame ECC4 1 KB
892 B 95ms
94ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_www_tags.min.49c634c0df8e725801cecc00b8a87f20.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

776e011700a430a8fd3cda23ce96ef30c6da4a54c308abec4c0ec2f8d6941a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 20:02:13 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=23
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 566
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 spacer.gif
www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/imgs/ Frame ECC4 43 B
351 B 33ms
32ms Image
image/gif 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/imgs/spacer.gif

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 17:17:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400
content-type: image/gif
cache-control: private, max-age=4958082, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 43
x-content-type-options: nosniff
expires: Tue, 11 May 2021 23:55:18 GMT

GET
H2 200 vendors~scriptloader~utils.bundle.36a21d4ea857cadfa264.js Show response
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame ECC4 13 KB
5 KB 51ms
49ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~scriptloader~utils.bundle.36a21d4ea857cadfa264.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

f7becd483ffb6036db37eb140255c414bf9ec9e37572194d9111351cbd7fb888

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 18:33:58 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4821
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 vendors~scriptloader.bundle.36a21d4ea857cadfa264.js Show response
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame ECC4 13 KB
6 KB 63ms
63ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~scriptloader.bundle.36a21d4ea857cadfa264.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

6f314f1aecfb61e6b432122d56179b012347cf87c1a6e26e020373d194ee6c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 05:00:47 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5393
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 scriptloader.bundle.36a21d4ea857cadfa264.js Show response
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame ECC4 26 KB
5 KB 28ms
28ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.36a21d4ea857cadfa264.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

48070ea61ed75988d617a2d86a2fcc91cac12aa966432b7f968be58722faafbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 00:33:21 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5099
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:35 GMT

GET
H2 200 vendors~utils~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js~webp~8dbeef75.bundle.36a21d4ea857cadfa264.js Show response
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame ECC4 16 KB
6 KB 20ms
18ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~utils~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js~webp~8dbeef75.bundle.36a21d4ea857cadfa264.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

970dbe7e1823cd7bd5ffb344458c1fc6c484bb85fdd7adbc29d6abc5d9caee5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 19:48:09 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 6037
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:36 GMT

GET
H2 200 utils.bundle.36a21d4ea857cadfa264.js Show response
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame ECC4 16 KB
6 KB 28ms
26ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.bundles/sfdc-www/bundles/utils.bundle.36a21d4ea857cadfa264.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9b8dc734c64cdee08c1432f7a097c44988d9d76afe879f32a9f1e1f1e7e092a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 00:36:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5410
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:36 GMT

GET
H2 200 clientlibs_analytics_login_bottom.min.1b92732e88e8c833f5bfe2a07718ff47.js Show response
www.salesforce.com/etc/clientlibs/sfdc-aem-master/ Frame ECC4 216 KB
66 KB 32ms
31ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_analytics_login_bottom.min.1b92732e88e8c833f5bfe2a07718ff47.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

05e1128d68e417d7515fceb831d28c1377ccac0d3da960fa968027ef72f481b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 08:44:56 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 67526
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:36 GMT

GET
H2 200 en.json Show response
a.sfdcstatic.com/enterprise/salesforce/prod/oneTrust/8e783e8c-0ad0-475d-8fca-4a03afa0a02a/ Frame ECC4 94 KB
95 KB 134ms
43ms XHR
application/json 88.221.196.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sfdcstatic.com/enterprise/salesforce/prod/oneTrust/8e783e8c-0ad0-475d-8fca-4a03afa0a02a/en.json
Requested by: Host: a.sfdcstatic.com
URL: https://a.sfdcstatic.com/enterprise/salesforce/prod/oneTrust/8e783e8c-0ad0-475d-8fca-4a03afa0a02a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.196.217 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-196-217.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 574d9b5d3a099e5834b1812ad716d73fc4a2625b1a3858e988fe4cf6557c41e4

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:35 GMT
last-modified: Wed, 02 Dec 2020 02:01:32 GMT
server: AkamaiNetStorage
etag: "83dbdbc7aad00d85345f84cc87da9cef:1606874491.093909"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 96629
expires: Mon, 15 Mar 2021 15:40:35 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame ECC4 164 B
362 B 21ms
20ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: a.sfdcstatic.com
URL: https://a.sfdcstatic.com/enterprise/salesforce/prod/oneTrust/8e783e8c-0ad0-475d-8fca-4a03afa0a02a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 63067f73591a2c56-FRA
cf-request-id: 08d7edfc1600002c56c7858000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame ECC4 355 KB
85 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WRXS6TH

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/eu/promos.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ef5c2b9255f9274e142f62c8aa9f1228663af3fb236be379d7e72e86042e7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87330
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Mar 2021 14:40:36 GMT

GET
H2 404 _jcr_content.personalization.pagemetadata.json Show response
www.salesforce.com/login-messages/eu/promos/ Frame ECC4 108 KB
15 KB 350ms
349ms XHR
text/html 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/login-messages/eu/promos/_jcr_content.personalization.pagemetadata.json

Requested by

Host: www.salesforce.com
URL: https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_www_tags.min.49c634c0df8e725801cecc00b8a87f20.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

57f61d75901b6633f26c881c8bad45b34b2f20a3bccb6006ea76b5bc25339919

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server-timing: cdn-cache; desc=MISS, edge; dur=107, origin; dur=226
content-length: 15034
x-ua-compatible: IE=9; IE=8; IE=7; IE=EDGE
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=294
accept-ranges: bytes
expires: Mon, 15 Mar 2021 14:45:30 GMT

GET
H2 200 SalesforceSans-Regular.woff2
www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ Frame ECC4 27 KB
27 KB 19ms
18ms Font
font/woff2 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff2

Requested by

Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/all.bundle.e09950eff7a63a67f9fc.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

6f2251079db9fde7d456ba66a9294899f3024dac928bec71b3ce42e1568f304f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://c.salesforce.com
Referer: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/all.bundle.e09950eff7a63a67f9fc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 17:17:48 GMT
server: Apache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 27684
x-content-type-options: nosniff
expires: Wed, 14 Apr 2021 14:40:36 GMT

GET
H2 200 webpack-script-manifest-config-js.bundle.36a21d4ea857cadfa264.js Show response
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame ECC4 2 KB
1 KB 18ms
17ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.bundles/sfdc-www/bundles/webpack-script-manifest-config-js.bundle.36a21d4ea857cadfa264.js

Requested by

Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.36a21d4ea857cadfa264.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

1f28a176d797a079288f5b2459a513eecb6f7953ecd7f6359dd9e8ca3a48bbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 09:24:51 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1161
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:36 GMT

GET
H2 200 vendors~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js.bundle.36a21d4ea857cadfa264.js Show response
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame ECC4 141 KB
42 KB 23ms
22ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js.bundle.36a21d4ea857cadfa264.js

Requested by

Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.36a21d4ea857cadfa264.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

708615b9e9c30cae15058f9e574222089486620a84f5ad87466c72cb14b3df5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 02:58:26 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 42157
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:36 GMT

GET
H2 200 webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js~webpack-script-man~30a1d5be.bundle.36a21d4ea857cadfa264.js Show response
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame ECC4 16 KB
5 KB 28ms
26ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.bundles/sfdc-www/bundles/webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js~webpack-script-man~30a1d5be.bundle.36a21d4ea857cadfa264.js

Requested by

Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.36a21d4ea857cadfa264.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

85b2446757ca1d6ac289ae8e8f0a500960d6e6d59932089fbe9f35fe91eab7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 00:11:41 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4596
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:36 GMT

GET
H2 200 webpack-script-manifest-commonlyUsed-js.bundle.36a21d4ea857cadfa264.js Show response
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame ECC4 40 KB
14 KB 55ms
54ms Script
text/javascript 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc.bundles/sfdc-www/bundles/webpack-script-manifest-commonlyUsed-js.bundle.36a21d4ea857cadfa264.js

Requested by

Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.36a21d4ea857cadfa264.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

6e83fadec6902c1b3a22ec0ef06c05fa2b73bb4479fd83a8b4312a126409d898

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/eu/promos.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 02:03:08 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=21
strict-transport-security: max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
content-length: 13847
x-content-type-options: nosniff
expires: Mon, 29 Mar 2021 14:40:36 GMT

GET
H2 200 SalesforceSans-Bold.woff2
www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ Frame ECC4 27 KB
27 KB 20ms
18ms Font
font/woff2 2a02:26f0:f1::48f7:b38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Bold.woff2

Requested by

Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/all.bundle.e09950eff7a63a67f9fc.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1::48f7:b38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

13873c462325bd5d2b2bbb385fe971e1ced14d0d698e2eabb917fdf7a4af438a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://c.salesforce.com
Referer: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/all.bundle.e09950eff7a63a67f9fc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:40:36 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Mar 2021 17:39:23 GMT
server: Apache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 27648
x-content-type-options: nosniff
expires: Wed, 14 Apr 2021 14:40:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: infinityfree.net
URL: https://infinityfree.net/errors/404/

Domain: infinityfree.net
URL: https://infinityfree.net/errors/404/

Domain: infinityfree.net
URL: https://infinityfree.net/errors/404/

Domain: infinityfree.net
URL: https://infinityfree.net/errors/404/

Domain: www.salesforce.com
URL: https://www.salesforce.com/Login%20_%20Salesforce_files/promos/_jcr_content.personalization.pagemetadata.json

Domain: infinityfree.net
URL: https://infinityfree.net/errors/404/

Domain: infinityfree.net
URL: https://infinityfree.net/errors/404/

Domain: infinityfree.net
URL: https://infinityfree.net/errors/404/

Domain: infinityfree.net
URL: https://infinityfree.net/errors/404/

Domain: infinityfree.net
URL: https://infinityfree.net/errors/404/

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/clientlibs_analytics_login_top.min.8a963051768f1ee0be822df84a226fe2.js.download(Line 532) Message: Request Failed: error,
console-api	error	URL: http://forsales.rf.gd/Login%20_%20Salesforce_files/scriptloader.bundle.36a21d4ea857cadfa264.js.download(Line 1) Message: TypeError: Cannot read property 'util' of undefined
console-api	warning	URL: https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_www_tags.min.49c634c0df8e725801cecc00b8a87f20.js(Line 16) Message: Could not load taxonomy information for the current page due server status
console-api	error	URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.36a21d4ea857cadfa264.js(Line 1) Message: TypeError: Cannot read property 'util' of undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sfdcstatic.com
api.company-target.com
c.salesforce.com
forsales.rf.gd
geolocation.onetrust.com
infinityfree.net
www.googletagmanager.com
www.salesforce.com
infinityfree.net
www.salesforce.com
104.26.8.174
13.226.159.90
185.27.134.153
23.79.133.184
2606:4700:10::6814:b844
2a00:1450:4001:827::2008
2a02:26f0:f1::48f7:b38a
88.221.196.217
02c47d1fb4a92fd6eca59ed828b0d0d7a8ef8285688bd27f36b1e003ffa9a52c
05e1128d68e417d7515fceb831d28c1377ccac0d3da960fa968027ef72f481b8
0c004a8bc2e2b97498e70c2e4cd25caac120fd9b9dc75446d5e3867e741b661c
0d24e9923edbf8af778b0e4b424f25f68e5eaf62a395eb7a2242206bf4955b30
0ef5c2b9255f9274e142f62c8aa9f1228663af3fb236be379d7e72e86042e7ab
1150543b116d689b12b4774afa047196c61028abd6ab172fe3799ac28c17c8c9
1251aae34ff7c09bfa2965df48b5188ac9166a239976501f80d17921ce136c96
13873c462325bd5d2b2bbb385fe971e1ced14d0d698e2eabb917fdf7a4af438a
14d11593463d2322adbb15ef8182d7d1ec08ccccb2bfc48f45525d9f1da1aa8a
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1f28a176d797a079288f5b2459a513eecb6f7953ecd7f6359dd9e8ca3a48bbae
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2fccaeb8a9209fdfc0326d46a67b92259c0c71dbc54e16d193e82ea6154599d2
351c94453a2b12f8a960b4e139141bbfeeb1383b378fdcb1e137eae137c4c4d0
355604a949ef95ceffcd21a7e9b5ed27c95d847f95127e0ddad5aa1793f1bb74
414cebf2307f1f10406fbedd9fea5ab109856a60bc85139136c0b2d9d6e8a7b9
42a531dce996297d2a03cb33044b36408821072ad24b9477a237bd8a3ed6ebf7
48070ea61ed75988d617a2d86a2fcc91cac12aa966432b7f968be58722faafbb
4d4d419ece50d3ea60e9f2231032990b733e00864464849574cfdfa2d3d32bcc
4deb3c5b0bd47624fe7d0f59f876d80fcb875224638d510fa47ce1ef8ec7c363
5557e57bf1cfc21f10005621fee302da370f1329a4fc0771fa8a686975ec53a8
574d9b5d3a099e5834b1812ad716d73fc4a2625b1a3858e988fe4cf6557c41e4
57f61d75901b6633f26c881c8bad45b34b2f20a3bccb6006ea76b5bc25339919
6e254c656a029b64c10f320cb325858bc578c94d7a6ec1e5703ba03abb6738c0
6e83fadec6902c1b3a22ec0ef06c05fa2b73bb4479fd83a8b4312a126409d898
6effaae73ce83316d1356ea984e417519743bce7a23982f053b1b8ec82135dae
6f2251079db9fde7d456ba66a9294899f3024dac928bec71b3ce42e1568f304f
6f314f1aecfb61e6b432122d56179b012347cf87c1a6e26e020373d194ee6c67
708615b9e9c30cae15058f9e574222089486620a84f5ad87466c72cb14b3df5b
776e011700a430a8fd3cda23ce96ef30c6da4a54c308abec4c0ec2f8d6941a49
85b2446757ca1d6ac289ae8e8f0a500960d6e6d59932089fbe9f35fe91eab7a6
96658352b0162515657d0d82bc4b29acc7f486529ccea7b5600ddbe4803f6724
96ae34219763aaaedd159d6aea49d54357e9a0754157e18f434e6a5a51765f9a
970dbe7e1823cd7bd5ffb344458c1fc6c484bb85fdd7adbc29d6abc5d9caee5b
98e60d06338019ad0574576a9058d06f72d8818c428fe49cd988743d3af579c1
9b8dc734c64cdee08c1432f7a097c44988d9d76afe879f32a9f1e1f1e7e092a5
a48f997fa23140662c20f7a46e93cefcef071fbf81ce038067582f2d822d86d5
a4c43c319c5d2cf401c0dd8ac9925fbcb8c68e59601357fe5a2293067ec63627
a585ce7410a54b3f6e9379a057927a0151ffeb14465799bb20dc2b29986e1eb2
b1513134818551644769c92221dcc0d750ab01019db151aa2b6ccec625fea90b
b317d4917a3609c193769e921e7f7cbee3aa6006a17d992429d4885d6e9e8162
b397476bcbcf8c9eae3f82007cc4f9495661b367e02e6d3dea6e15f0610ef20a
b77235b3019fb2cbfa81aa3ab3310b5ed4e09e28085ae21768d6cf4e9411273a
b7969e630336eef9c5e7c4dfdf863f0d34d0b2dc67a068080cf7807d23adcf94
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
c3f71d542656fa0835d15106408ec065d630c8bc05078915d8b58202ba28956e
cdb4e9d4d225bc286abbdd847ccaa207f8afcf38ab9addbaa27826699ecb4e45
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc
d4d5be5c2a7d58433177e3fcc9e8553eb1da447d9093f4c63780efb6c6fa7015
dd464055be78eadee2d5d3ecc5380600b788883e462d9e77372877dc04110e6d
e3743c2f92ebed343f20416fa363d005bcda699a0b8d4380c417a99ad4928e35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7becd483ffb6036db37eb140255c414bf9ec9e37572194d9111351cbd7fb888
f9cd7471411fc60aeb59674805af6eab010b8a058cbf4f3a9640a852cdeb424b

forsales.rf.gd Open in urlscan Pro 185.27.134.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

38 %HTTPS

38 %IPv6

7 Domains

8 Subdomains

9 IPs

3 Countries

1566 kBTransfer

5346 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

forsales.rf.gd Open in urlscan Pro
185.27.134.153 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

38 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

1566 kB
Transfer

5346 kB
Size

0
Cookies

88 HTTP transactions
0 data transactions