www.login.safacrm.info Open in urlscan Pro
134.119.190.82 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.login.safacrm.info/
Submission: On July 02 via automatic, source certstream-suspicious (July 2nd 2021, 8:58:46 pm UTC)

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 29 domains to perform 73 HTTP transactions. The main IP is 134.119.190.82, located in Strasbourg, France and belongs to VELIANET-AS velia.net Internetdienste GmbH, DE. The main domain is www.login.safacrm.info.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 8th 2020. Valid for: 3 months.

This is the only time www.login.safacrm.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	134.119.190.82 134.119.190.82	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:1e00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2 7	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
3 3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.31.176.223 52.31.176.223	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4216:b3d7:e742:13a8:bd05	14618 (AMAZON-AES) (AMAZON-AES)
1	52.29.225.117 52.29.225.117	16509 (AMAZON-02) (AMAZON-02)
1	52.212.13.236 52.212.13.236	16509 (AMAZON-02) (AMAZON-02)
1 2	52.58.146.86 52.58.146.86	16509 (AMAZON-02) (AMAZON-02)
1	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.58.164.24 52.58.164.24	16509 (AMAZON-02) (AMAZON-02)
1 1	13.224.99.91 13.224.99.91	16509 (AMAZON-02) (AMAZON-02)
1	52.201.132.210 52.201.132.210	14618 (AMAZON-AES) (AMAZON-AES)
1	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
73	24

34 134.119.190.82 (Strasbourg, France)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
PTR: titan.int3rnet.net

www.login.safacrm.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1e00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20797087p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.242 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.176.223 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:b3d7:e742:13a8:bd05 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.225.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-225-117.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.13.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-13-236.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.146.86 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-146-86.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.164.24 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-164-24.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.91 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-91.zrh50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.201.132.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-132-210.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.weifieldcontracting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	safacrm.info www.login.safacrm.info	517 KB
11	gstatic.com fonts.gstatic.com	176 KB
7	rfihub.com 2 redirects 20797087p.rfihub.com a.rfihub.com p.rfihub.com	10 KB
4	rlcdn.com 2 redirects idsync.rlcdn.com	1 KB
3	doubleclick.net 3 redirects cm.g.doubleclick.net	740 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	607 B
2	bidswitch.net 1 redirects x.bidswitch.net	857 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	google-analytics.com ssl.google-analytics.com	17 KB
1	weifieldcontracting.com www.weifieldcontracting.com	7 KB
1	rtactivate.com bpi.rtactivate.com	109 B
1	rezync.com 1 redirects live.rezync.com	783 B
1	serving-sys.com 1 redirects bs.serving-sys.com	577 B
1	media.net contextual.media.net	696 B
1	eyeota.net ps.eyeota.net	344 B
1	krxd.net beacon.krxd.net	338 B
1	agkn.com aa.agkn.com	238 B
1	tremorhub.com partners.tremorhub.com	183 B
1	addthis.com x.dlx.addthis.com	191 B
1	yahoo.com ads.yahoo.com	445 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	bluekai.com 1 redirects stags.bluekai.com	813 B
1	rfihub.net c1.rfihub.net	6 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	google.com maps.google.com	47 KB
73	29

	Domain	Requested by
34	www.login.safacrm.info	www.login.safacrm.info
11	fonts.gstatic.com	fonts.googleapis.com
5	p.rfihub.com	2 redirects
4	idsync.rlcdn.com	2 redirects www.login.safacrm.info
3	cm.g.doubleclick.net	3 redirects
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	dpm.demdex.net	1 redirects
2	ib.adnxs.com	1 redirects
2	ssl.google-analytics.com	www.googletagmanager.com www.login.safacrm.info
1	www.weifieldcontracting.com	www.login.safacrm.info
1	bpi.rtactivate.com	www.login.safacrm.info
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	contextual.media.net	www.login.safacrm.info
1	ps.eyeota.net
1	beacon.krxd.net	www.login.safacrm.info
1	aa.agkn.com	www.login.safacrm.info
1	partners.tremorhub.com	www.login.safacrm.info
1	x.dlx.addthis.com	www.login.safacrm.info
1	ads.yahoo.com	www.login.safacrm.info
1	pixel.rubiconproject.com	www.login.safacrm.info
1	stags.bluekai.com	1 redirects
1	a.rfihub.com
1	20797087p.rfihub.com	c1.rfihub.net
1	c1.rfihub.net	www.login.safacrm.info
1	www.googletagmanager.com	www.login.safacrm.info
1	fonts.googleapis.com	www.login.safacrm.info
1	maps.google.com	www.login.safacrm.info
73	31

This site contains no links.

Subject Issuer	Validity	Valid
a3il.com cPanel, Inc. Certification Authority	`2020-06-08` - `2020-09-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.rfihub.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-10` - `2022-02-10`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-06-16` - `2021-07-28`	a month	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.eyeota.net R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
www.weifieldcontracting.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.login.safacrm.info/
Frame ID: CCA8C32F7055751CE97DFABFB4CD58F3
Requests: 52 HTTP requests in this frame

Frame: https://20797087p.rfihub.com/ca.html?ver=9&rb=34958&ca=20797087&_o=34958&_t=20797087&pe=https%3A%2F%2Fwww.login.safacrm.info%2F&pf=&ra=0832074453308822
Frame ID: 2149D8ACE2380D18F9B202CD1A12A120
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

73
Requests

53 %
HTTPS

29 %
IPv6

29
Domains

31
Subdomains

24
IPs

5
Countries

820 kB
Transfer

2961 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MTU5NzQ5NjMzODEyNjk5Nw==&forward= HTTP 302
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MTU5NzQ5NjMzODEyNjk5Nw==&forward=&google_tc= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEC1HKm2nj7GiICFwr7UCtLM&google_cver=1

Request Chain 52

https://ib.adnxs.com/setuid?entity=18&code=1871597496338126997 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871597496338126997

Request Chain 53

https://stags.bluekai.com/site/4722?id=1871597496338126997&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=Wmoxvx9999Yvq22Q&forward=

Request Chain 55

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871597496338126997&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871597496338126997&redir=

Request Chain 56

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597496338126997&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597496338126997&forward=&C=1

Request Chain 60

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871597496338126997&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871597496338126997&img=1&__user_check__=1&sync_id=424f8b0d-db78-11eb-a86e-155da6fd0206

Request Chain 64

https://x.bidswitch.net/sync?dsp_id=119&user_id=1871597496338126997&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871597496338126997&expires=30

Request Chain 65

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=1871597496338126997&bid=omt9pi0

Request Chain 66

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YN99_AACXTPpmgAC HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YN99_AACXTPpmgAC&_test=YN99_AACXTPpmgAC

Request Chain 68

https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP 302
https://p.rfihub.com/cm?in=1&pub=17945&userid=2a4f117c-1001-493a-928f-17ede29ce690

Request Chain 69

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1871597496338126997&referrer=https%3A%2F%2Fwww.login.safacrm.info%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=4e137027-8349-4cec-a99e-441fe0f5ca17%3A1625259512.33&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4e137027-8349-4cec-a99e-441fe0f5ca17%253A1625259512.33 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=4e137027-8349-4cec-a99e-441fe0f5ca17%3A1625259512.33 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CM3PHhI8CjgIARAFGjI0ZTEzNzAyNy04MzQ5LTRjZWMtYTk5ZS00NDFmZTBmNWNhMTc6MTYyNTI1OTUxMi4zMxAAGg0I-Pv9hgYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_error=3

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.login.safacrm.info/ 54 KB
13 KB 211ms
43ms Document
text/html 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: f9a531090e98525f0cd6b9c17c07078dd98ab86abfc4bcbb823ebe2e714fd87f

Request headers

:method: GET
:authority: www.login.safacrm.info
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html
last-modified: Thu, 09 Jul 2020 20:45:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13223
date: Fri, 02 Jul 2021 20:58:31 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 layerslider7a2d.css
www.login.safacrm.info/wp-content/plugins/LayerSlider/static/layerslider/css/ 21 KB
4 KB 43ms
40ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider7a2d.css?ver=6.7.6
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 2824e5dd755efb9b8299e94a2a8b87867e9fe038e873b6bbe70a0fd0c4f8d458

Request headers

:path: /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider7a2d.css?ver=6.7.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Fri, 15 Jun 2018 18:15:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3681
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 settingsdd22.css
www.login.safacrm.info/wp-content/plugins/revslider/public/assets/css/ 39 KB
9 KB 53ms
48ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/revslider/public/assets/css/settingsdd22.css?ver=5.4.7.2
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: e43ff2b17f367a2e4d5fdf34624e358ca436e3c2e4d8d879185574388bc9ff85

Request headers

:path: /wp-content/plugins/revslider/public/assets/css/settingsdd22.css?ver=5.4.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Fri, 15 Jun 2018 18:16:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9220
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 full-styles.6.5.39b33.css
www.login.safacrm.info/wp-content/themes/jupiter/assets/stylesheet/min/ 147 KB
25 KB 59ms
54ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/themes/jupiter/assets/stylesheet/min/full-styles.6.5.39b33.css?ver=1588850834
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: d9ab2ba01a96cf27be77de15c10f09d8fa28640876c906311ed426297b7972fb

Request headers

:path: /wp-content/themes/jupiter/assets/stylesheet/min/full-styles.6.5.39b33.css?ver=1588850834
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:27:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25773
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 mkhb-renderef10.css
www.login.safacrm.info/wp-content/themes/jupiter/header-builder/includes/assets/css/ 5 KB
1 KB 80ms
76ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-renderef10.css?ver=6.5.3
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: a1171c1acfba6934a84527c0bdb9f70c0f661bc6afbc9b6c2f36490345be95f6

Request headers

:path: /wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-renderef10.css?ver=6.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:27:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1021
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 mkhb-rowef10.css
www.login.safacrm.info/wp-content/themes/jupiter/header-builder/includes/assets/css/ 2 KB
489 B 81ms
76ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-rowef10.css?ver=6.5.3
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 523f66c9700c41888b1857eadf379a6c0f79de41ae0b99076ba3234237e04571

Request headers

:path: /wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-rowef10.css?ver=6.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:27:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 455
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 mkhb-columnef10.css
www.login.safacrm.info/wp-content/themes/jupiter/header-builder/includes/assets/css/ 4 KB
711 B 81ms
77ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-columnef10.css?ver=6.5.3
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 341097a731b4a090cae8d7a7c7bdcc78de39db93b28b7dfe1a252f1efe3b165e

Request headers

:path: /wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-columnef10.css?ver=6.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:27:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 677
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 js_composer.min9b2d.css
www.login.safacrm.info/wp-content/plugins/js_composer_theme/assets/css/ 475 KB
41 KB 81ms
77ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/js_composer_theme/assets/css/js_composer.min9b2d.css?ver=6.1
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 083981540a618dacdcc9c89fbab8abeccd6492d15ed093506b2f461b2b9750f9

Request headers

:path: /wp-content/plugins/js_composer_theme/assets/css/js_composer.min9b2d.css?ver=6.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:29:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 42144
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 theme-options-production-1594317305796c.css
www.login.safacrm.info/wp-content/uploads/mk_assets/ 38 KB
5 KB 86ms
82ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/uploads/mk_assets/theme-options-production-1594317305796c.css?ver=1594317302
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: fc8d15945da20b194a73006de8008b4a47e818684d49760280d9638b1d8f9825

Request headers

:path: /wp-content/uploads/mk_assets/theme-options-production-1594317305796c.css?ver=1594317302
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 09 Jul 2020 17:55:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5269
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 formreset.min02fa.css
www.login.safacrm.info/wp-content/plugins/gravityforms/css/ 4 KB
397 B 87ms
83ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/gravityforms/css/formreset.min02fa.css?ver=2.4.18
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Request headers

:path: /wp-content/plugins/gravityforms/css/formreset.min02fa.css?ver=2.4.18
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 19:32:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 339
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 formsmain.min02fa.css
www.login.safacrm.info/wp-content/plugins/gravityforms/css/ 73 KB
11 KB 87ms
83ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/gravityforms/css/formsmain.min02fa.css?ver=2.4.18
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 78d0a5576acfe67eb2bca800f1d1ac29d66e2c5ca565551f3f5813ebe5f5336a

Request headers

:path: /wp-content/plugins/gravityforms/css/formsmain.min02fa.css?ver=2.4.18
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 19:32:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11147
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 readyclass.min02fa.css
www.login.safacrm.info/wp-content/plugins/gravityforms/css/ 30 KB
3 KB 93ms
90ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/gravityforms/css/readyclass.min02fa.css?ver=2.4.18
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: e61ac08ccbbff6ae298e168c6d2fb069e5db7c122fe07f7e2e4ce1dbb01a58fb

Request headers

:path: /wp-content/plugins/gravityforms/css/readyclass.min02fa.css?ver=2.4.18
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 19:32:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3136
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 browsers.min02fa.css
www.login.safacrm.info/wp-content/plugins/gravityforms/css/ 7 KB
1 KB 94ms
90ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/gravityforms/css/browsers.min02fa.css?ver=2.4.18
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 7f9a44c6380de9dad00c68412b2420fc5132e4013bf2f62d9daee5da9d151674

Request headers

:path: /wp-content/plugins/gravityforms/css/browsers.min02fa.css?ver=2.4.18
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 19:32:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1107
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 masterslider.mainee9a.css
www.login.safacrm.info/wp-content/plugins/masterslider/public/assets/css/ 79 KB
9 KB 94ms
91ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/masterslider/public/assets/css/masterslider.mainee9a.css?ver=3.2.2
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 89b3bb667432bca678f0d2529dafe50eb8670bfdc4d5ce12f91d314b087508b8

Request headers

:path: /wp-content/plugins/masterslider/public/assets/css/masterslider.mainee9a.css?ver=3.2.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Fri, 15 Jun 2018 18:16:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9596
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 custom4963.css
www.login.safacrm.info/wp-content/uploads/masterslider/ 266 B
171 B 95ms
92ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/uploads/masterslider/custom4963.css?ver=1.1
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 1b4e2c3b84fe75916b109ac323d0eb39e3881a892f7b7a21970a0cb9e694b3d7

Request headers

:path: /wp-content/uploads/masterslider/custom4963.css?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Fri, 15 Jun 2018 18:17:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 114
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 shortcodes-styles.min0ba6.css
www.login.safacrm.info/wp-content/plugins/jupiter-donut/assets/css/ 391 KB
54 KB 95ms
92ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/jupiter-donut/assets/css/shortcodes-styles.min0ba6.css?ver=1.0.6
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 467f562eeac99b52ef938d9157b0c142e8d6bd15fcce0ee92b4b79a57f56e500

Request headers

:path: /wp-content/plugins/jupiter-donut/assets/css/shortcodes-styles.min0ba6.css?ver=1.0.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:29:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 55252
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 style7661.css
www.login.safacrm.info/wp-content/themes/jupiter-child/ 2 KB
674 B 102ms
99ms Stylesheet
text/css 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/themes/jupiter-child/style7661.css?ver=5.4.2
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: f782f4ddb7cc5a929d72c89d3dfda867d6b28ebb1e82a0b34b2f48e524bdc389

Request headers

:path: /wp-content/themes/jupiter-child/style7661.css?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 31 Aug 2017 16:43:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 615
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 webfontloader7661.js Show response
www.login.safacrm.info/wp-content/themes/jupiter/assets/js/plugins/wp-enqueue/min/ 12 KB
5 KB 102ms
99ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/themes/jupiter/assets/js/plugins/wp-enqueue/min/webfontloader7661.js?ver=5.4.2
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 66f1d9c4fc5099fe1296ef5690e6adfb3c765e9e7582f8ed29ee1810919ecb04

Request headers

:path: /wp-content/themes/jupiter/assets/js/plugins/wp-enqueue/min/webfontloader7661.js?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:27:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4756
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 greensockb3a6.js Show response
www.login.safacrm.info/wp-content/plugins/LayerSlider/static/layerslider/js/ 115 KB
38 KB 104ms
101ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/LayerSlider/static/layerslider/js/greensockb3a6.js?ver=1.19.0
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: dfc519eb2d0e5ac0e8cdbe86fef355135280c643df14fa9a8e6abd5820d01159

Request headers

:path: /wp-content/plugins/LayerSlider/static/layerslider/js/greensockb3a6.js?ver=1.19.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Fri, 15 Jun 2018 18:15:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 38476
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 jquery4a5f.js Show response
www.login.safacrm.info/wp-includes/js/jquery/ 95 KB
32 KB 105ms
103ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-includes/js/jquery/jquery4a5f.js?ver=1.12.4-wp
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp-includes/js/jquery/jquery4a5f.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32853
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 jquery-migrate.min330a.js Show response
www.login.safacrm.info/wp-includes/js/jquery/ 10 KB
4 KB 106ms
104ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-includes/js/jquery/jquery-migrate.min330a.js?ver=1.4.1
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min330a.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3823
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 layerslider.kreaturamedia.jquery7a2d.js Show response
www.login.safacrm.info/wp-content/plugins/LayerSlider/static/layerslider/js/ 114 KB
42 KB 107ms
105ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery7a2d.js?ver=6.7.6
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 194b28e0dc71aa64e5f0885ae370ed5a30acd63f701f9eaf141bc32c656dc8ef

Request headers

:path: /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery7a2d.js?ver=6.7.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Fri, 15 Jun 2018 18:15:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 42618
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 layerslider.transitions7a2d.js Show response
www.login.safacrm.info/wp-content/plugins/LayerSlider/static/layerslider/js/ 23 KB
3 KB 113ms
111ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions7a2d.js?ver=6.7.6
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 16c7202a143aa5d51b0b7fe842a8e73f170cf45d51aa94d87d2649913e0c061d

Request headers

:path: /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions7a2d.js?ver=6.7.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Fri, 15 Jun 2018 18:15:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3083
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 jquery.themepunch.tools.mindd22.js Show response
www.login.safacrm.info/wp-content/plugins/revslider/public/assets/js/ 108 KB
36 KB 113ms
112ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.mindd22.js?ver=5.4.7.2
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8

Request headers

:path: /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.mindd22.js?ver=5.4.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Fri, 15 Jun 2018 18:16:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 37078
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 jquery.themepunch.revolution.mindd22.js Show response
www.login.safacrm.info/wp-content/plugins/revslider/public/assets/js/ 63 KB
17 KB 116ms
115ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.mindd22.js?ver=5.4.7.2
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 7ea819c32bebb49aeb9678b2152d4802a5498ee44d85861b846745a06a1035c1

Request headers

:path: /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.mindd22.js?ver=5.4.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Fri, 15 Jun 2018 18:16:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17279
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 gtm4wp-form-move-trackere899.js Show response
www.login.safacrm.info/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
342 B 117ms
116ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-trackere899.js?ver=1.11.4
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d

Request headers

:path: /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-trackere899.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Wed, 06 May 2020 22:24:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 284
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 logo.png
www.login.safacrm.info/ 56 KB
56 KB 55ms
54ms Image
image/png 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.login.safacrm.info/logo.png
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: c9a7a08241e50a7085c89518dff7cc3749f7e7667c2447395925a7c09fd3c766

Request headers

:path: /logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
last-modified: Thu, 09 Jul 2020 20:45:53 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 57198
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 full-scripts.6.5.39b33.js Show response
www.login.safacrm.info/wp-content/themes/jupiter/assets/js/min/ 234 KB
61 KB 43ms
42ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/themes/jupiter/assets/js/min/full-scripts.6.5.39b33.js?ver=1588850834
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 851694f09a61e12df35b6888f75f43f49b14c1266a6d958e9a52fa1454ea083a

Request headers

:path: /wp-content/themes/jupiter/assets/js/min/full-scripts.6.5.39b33.js?ver=1588850834
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:27:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 62277
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 mkhb-renderef10.js Show response
www.login.safacrm.info/wp-content/themes/jupiter/header-builder/includes/assets/js/ 6 KB
2 KB 45ms
43ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/themes/jupiter/header-builder/includes/assets/js/mkhb-renderef10.js?ver=6.5.3
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: a3d0e213a155b3df829ab7f7f91328f758fb8e9e1e9eb94f29e0b48bbc18f9c5

Request headers

:path: /wp-content/themes/jupiter/header-builder/includes/assets/js/mkhb-renderef10.js?ver=6.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:27:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1659
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 mkhb-columnef10.js Show response
www.login.safacrm.info/wp-content/themes/jupiter/header-builder/includes/assets/js/ 3 KB
1005 B 46ms
44ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/themes/jupiter/header-builder/includes/assets/js/mkhb-columnef10.js?ver=6.5.3
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 49166e7b873e7fe8986eb3d8a4151b623b7c284f464a15e1621cfd64679193e6

Request headers

:path: /wp-content/themes/jupiter/header-builder/includes/assets/js/mkhb-columnef10.js?ver=6.5.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:27:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 971
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 js Show response
maps.google.com/maps/api/ 144 KB
47 KB 52ms
32ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyC3JmcTBOYrD-LPlAgDomoXUq9FdQps0xE&libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=5.4.2

Requested by

Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

7b7dbc21a17cbcc0afaeb8ecf73588aed3c522e1de6ce775b4a365a91776eed3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=17
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47853
x-xss-protection: 0
expires: Fri, 02 Jul 2021 21:28:31 GMT

GET
H2 200 maps7661.js Show response
www.login.safacrm.info/wp-content/plugins/wp-google-map-gold/assets/js/ 132 KB
19 KB 46ms
44ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/wp-google-map-gold/assets/js/maps7661.js?ver=5.4.2
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 5fd8b5cc2b0df02b90db6e2b43f9c87f39f8f0c76822319ea78a22479c6aeb65

Request headers

:path: /wp-content/plugins/wp-google-map-gold/assets/js/maps7661.js?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 09 Mar 2017 16:47:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19612
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 shortcodes-scripts.min0ba6.js Show response
www.login.safacrm.info/wp-content/plugins/jupiter-donut/assets/js/ 75 KB
16 KB 54ms
53ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/jupiter-donut/assets/js/shortcodes-scripts.min0ba6.js?ver=1.0.6
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 20c444824e944cb050efa9dc18052c58b2cb12178cece83f2dea726beab95f77

Request headers

:path: /wp-content/plugins/jupiter-donut/assets/js/shortcodes-scripts.min0ba6.js?ver=1.0.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:29:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 16811
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 wp-embed.min7661.js Show response
www.login.safacrm.info/wp-includes/js/ 1 KB
726 B 55ms
54ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-includes/js/wp-embed.min7661.js?ver=5.4.2
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

:path: /wp-includes/js/wp-embed.min7661.js?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Sat, 26 Oct 2019 00:17:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 668
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 js_composer_front.min9b2d.js Show response
www.login.safacrm.info/wp-content/plugins/js_composer_theme/assets/js/dist/ 20 KB
5 KB 55ms
54ms Script
application/javascript 134.119.190.82
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.login.safacrm.info/wp-content/plugins/js_composer_theme/assets/js/dist/js_composer_front.min9b2d.js?ver=6.1
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.190.82 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: titan.int3rnet.net
Software: LiteSpeed /
Resource Hash: 43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf

Request headers

:path: /wp-content/plugins/js_composer_theme/assets/js/dist/js_composer_front.min9b2d.js?ver=6.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.login.safacrm.info
referer: https://www.login.safacrm.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
last-modified: Thu, 07 May 2020 11:29:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5548
expires: Fri, 09 Jul 2021 20:58:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 29 KB
1 KB 19ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7COswald:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900

Requested by

Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/wp-content/themes/jupiter/assets/js/plugins/wp-enqueue/min/webfontloader7661.js?ver=5.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76506701c151bee9127b40f7b37a9460e4e78db66fbca4735319bbcb28e4faac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 20:58:31 GMT
server: ESF
date: Fri, 02 Jul 2021 20:58:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 20:58:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 82 KB
33 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTVJB2X

Requested by

Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df3dee8f005f8a28461fb8e49ab76a68df6fcb79a522bfe1c3bbf11c6e209124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33300
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 18:11:04 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Jul 2021 20:58:31 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7COswald:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.login.safacrm.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 10:05:12 GMT
x-content-type-options: nosniff
age: 211999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:05:12 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.login.safacrm.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 21:40:02 GMT
x-content-type-options: nosniff
age: 256709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 21:40:02 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 22ms
10ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.login.safacrm.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 13:09:35 GMT
x-content-type-options: nosniff
age: 200936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 13:09:35 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 18ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.login.safacrm.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 16:31:16 GMT
x-content-type-options: nosniff
age: 275235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 16:31:16 GMT

GET
H3-29 200 memnYaGs126MiZpBA-UFUKWyV9hrIqM.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKWyV9hrIqM.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9e72fed9f647684a0437f185bf4ed620de7b49f236453256716b639ac56f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.login.safacrm.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 00:59:47 GMT
x-content-type-options: nosniff
age: 244724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13916
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 00:59:47 GMT

GET
H3-29 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v20/ 13 KB
13 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.login.safacrm.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 12:35:00 GMT
x-content-type-options: nosniff
age: 203011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 12:35:00 GMT

GET
H3-29 200 memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88669ca2309970900842b8488c4cdf73e1cde037dc18d489ee6f6c44182a53c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.login.safacrm.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 06:35:26 GMT
x-content-type-options: nosniff
age: 224585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13928
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:36 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 06:35:26 GMT

GET
H3-29 200 memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2
fonts.gstatic.com/s/opensans/v20/ 13 KB
13 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c17e5dd0633499e73cab90d02e2ee089e60b718c6a917e9b1c3b418c15c179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.login.safacrm.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 06:21:48 GMT
x-content-type-options: nosniff
age: 225403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:22:06 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 06:21:48 GMT

GET
H3-29 200 memnYaGs126MiZpBA-UFUKW-U9hrIqM.woff2
fonts.gstatic.com/s/opensans/v20/ 18 KB
18 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKW-U9hrIqM.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a34b23e1530db4229eb0d4a3fb8e5ea9d48a19fdda5c6b5065ba1124b4e5daae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.login.safacrm.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 22:18:10 GMT
x-content-type-options: nosniff
age: 254421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18056
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 22:18:10 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.login.safacrm.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 10:05:12 GMT
x-content-type-options: nosniff
age: 211999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14992
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:05:12 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.login.safacrm.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 05:20:26 GMT
x-content-type-options: nosniff
age: 229085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15188
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 05:20:26 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 82ms
15ms Script
application/x-javascript 2600:9000:2156:1e00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1e00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:42:45 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 20:42:35 GMT
server: Jetty(9.3.29.v20201019)
age: 946
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: iqrnWKlbENggLjKu-F-dqixLshloSDlECA2-GmFrdNK-WEVM0W8FjA==
expires: Fri, 02 Jul 2021 21:42:45 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTVJB2X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 2482
date: Fri, 02 Jul 2021 20:17:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 02 Jul 2021 22:17:09 GMT

GET
H3-29 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 21ms
21ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=467322680&utmhn=www.login.safacrm.info&utme=8(https%3A%2F%2Fwww.login.safacrm.info%2F)9(https%3A%2F%2Fwww.login.safacrm.info%2F)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Amazon%20Helpline%20contact&utmhid=1129540681&utmr=-&utmp=%2F&utmht=1625259511786&utmac=UA-80098170-1&utmgtm=2wg6u0MTVJB2X&utmcc=__utma%3D46763450.249686013.1625259512.1625259512.1625259512.1%3B%2B__utmz%3D46763450.1625259512.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1130550296&utmredir=1&utmu=q2AgAABAAAGBAAAAAgAAAAAE~

Requested by

Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 20:58:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set ca.html Show response
20797087p.rfihub.com/ Frame 2149 3 KB
4 KB 119ms
26ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20797087p.rfihub.com/ca.html?ver=9&rb=34958&ca=20797087&_o=34958&_t=20797087&pe=https%3A%2F%2Fwww.login.safacrm.info%2F&pf=&ra=0832074453308822
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 5dba60e9fc7ae7a50bbc196e10773026184a389f1aa610a4ece104b3ce304004

Request headers

Host: 20797087p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.login.safacrm.info/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.login.safacrm.info/

Response headers

Date: Fri, 02 Jul 2021 20:58:31 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAJvFyGtoZmRqZGppamhoaWC-Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwuN_wldPwsq_xYafxMrmnncaO5H4y8SRuU_QuMDANWTA6EwAQAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Jul 2022 20:58:31 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDM2tjA0MrO0NBfiM9QtTM1PTqsIDjAyDQiV4jU0MzI1MrU0NTS0NDAFAIwRn_A0AAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Jul 2022 20:58:31 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDM2tjA0MrO0NBfiM9QtTM1PTqsIDjAyDQgFAC98fWMlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2940
Server: Jetty(9.3.29.v20201019)

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 2149
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MTU5NzQ5NjMzODEyNjk5Nw==&forward=
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MTU5NzQ5NjMzODEyNjk5Nw==&forward=&google_tc=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEC1HKm2nj7GiICFwr7UCtLM&google_cver=1

42 B
946 B

86ms
22ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEC1HKm2nj7GiICFwr7UCtLM&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 20:58:32 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 20:58:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEC1HKm2nj7GiICFwr7UCtLM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 2149
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=1871597496338126997
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871597496338126997

43 B
1 KB

38ms
38ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871597496338126997

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 20:58:32 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b131dfbe-407b-46b6-aeb1-7538a7b2b0c6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 20:58:31 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d31a1b40-cfb5-4222-9ef9-b3db903f3f03
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871597496338126997
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 2149
Redirect Chain

https://stags.bluekai.com/site/4722?id=1871597496338126997&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=Wmoxvx9999Yvq22Q&forward=

42 B
999 B

24ms
23ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=Wmoxvx9999Yvq22Q&forward=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 20:58:32 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=Wmoxvx9999Yvq22Q&forward=
Date: Fri, 02 Jul 2021 20:58:32 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: dae3
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 2149 0
239 B 107ms
26ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1871597496338126997
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 2149
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871597496338126997&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871597496338126997&redir=

42 B
958 B

41ms
40ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871597496338126997&redir=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0724e0829.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: eoexZS3oRBU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v012-05b640ae4.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Mystp4+CQ+c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871597496338126997&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2149
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597496338126997&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597496338126997&forward=&C=1

43 B
1006 B

36ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597496338126997&forward=&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 20:58:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 02 Jul 2021 20:58:32 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 20:58:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871597496338126997&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Fri, 02 Jul 2021 20:58:32 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 2149 0
445 B 22ms
7ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~84c296ca4cae9f73fbcc48363a3cd4cd34be98f5&nwid=10000648372&sigv=1

Requested by

Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:31 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 2149 42 B
416 B 67ms
24ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=1871597496338126997
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 20:58:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 2149 43 B
191 B 238ms
184ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1871597496338126997

Requested by

Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-99-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 20:58:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 02 Jul 2021 20:58:32 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 2149
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871597496338126997&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871597496338126997&img=1&__user_check__=1&sync_id=424f8b0d-db78-11eb-a86e-155da6fd0206

43 B
548 B

21ms
21ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871597496338126997&img=1&__user_check__=1&sync_id=424f8b0d-db78-11eb-a86e-155da6fd0206
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 20:58:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 59
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 02 Jul 2021 20:58:32 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=1871597496338126997&img=1&__user_check__=1&sync_id=424f8b0d-db78-11eb-a86e-155da6fd0206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 91
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 2149 43 B
183 B 284ms
93ms Image
image/gif 2600:1f18:612b:4216:b3d7:e742:13a8:bd05
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=1871597496338126997&r=guIgSzEJImKu
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:b3d7:e742:13a8:bd05 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:32 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 2149 43 B
238 B 89ms
26ms Image
image/gif 52.29.225.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1871597496338126997
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.225.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-225-117.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 20:58:32 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 2149 0
338 B 118ms
38ms Image
text/plain 52.212.13.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1871597496338126997
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.13.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-13-236.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:32 GMT
cache-control: private, no-cache, no-store
x-request-time: D=44 t=1625259512
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 2149
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=1871597496338126997&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871597496338126997&expires=30

43 B
344 B

28ms
28ms

Image
image/gif

52.58.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871597496338126997&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.146.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-146-86.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871597496338126997&expires=30
date: Fri, 02 Jul 2021 20:58:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 2149
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=1871597496338126997&bid=omt9pi0

0
344 B

107ms
26ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1871597496338126997&bid=omt9pi0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 20:58:32 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=1871597496338126997&bid=omt9pi0
Date: Fri, 02 Jul 2021 20:58:32 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 2149
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YN99_AACXTPpmgAC
https://p.rfihub.com/cm?in=1&pub=21653&userid=YN99_AACXTPpmgAC&_test=YN99_AACXTPpmgAC

42 B
1 KB

23ms
23ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YN99_AACXTPpmgAC&_test=YN99_AACXTPpmgAC
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 20:58:32 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 20:58:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1625259512.244987,VS0,VE0
x-served-by: cache-hhn4052-HHN
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YN99_AACXTPpmgAC&_test=YN99_AACXTPpmgAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame 2149 46 B
696 B 117ms
56ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1871597496338126997

Requested by

Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 02 Jul 2021 20:58:32 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Fri, 02 Jul 2021 20:58:32 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 2149
Redirect Chain

https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
https://p.rfihub.com/cm?in=1&pub=17945&userid=2a4f117c-1001-493a-928f-17ede29ce690

42 B
1 KB

24ms
24ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=17945&userid=2a4f117c-1001-493a-928f-17ede29ce690
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 20:58:32 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 20:58:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
location: https://p.rfihub.com/cm?in=1&pub=17945&userid=2a4f117c-1001-493a-928f-17ede29ce690
cache-control: private
content-type: text/html; charset=UTF-8
content-length: 213
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 2149
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1871597496338126997&referrer=https%3A%2F%2Fwww.login.safacrm.info%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=4e137027-8349-4cec-a99e-441fe0f5ca17%3A1625259512.33&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4e137027-8349-4cec-a99e-441fe0f5ca17...
https://idsync.rlcdn.com/501709.gif?partner_uid=4e137027-8349-4cec-a99e-441fe0f5ca17%3A1625259512.33
https://idsync.rlcdn.com/1000.gif?memo=CM3PHhI8CjgIARAFGjI0ZTEzNzAyNy04MzQ5LTRjZWMtYTk5ZS00NDFmZTBmNWNhMTc6MTYyNTI1OTUxMi4zMxAAGg0I-Pv9hgYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_error=3

42 B
198 B

26ms
25ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_error=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 20:58:32 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 20:58:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 2149 43 B
109 B 417ms
176ms Image
image/gif 52.201.132.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=1871597496338126997
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.132.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-132-210.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20797087p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:32 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2 200 jquery.flexslider.js Show response
www.weifieldcontracting.com/wp-content/themes/jupiter/assets/js/plugins/async/min/ 22 KB
7 KB 295ms
30ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weifieldcontracting.com/wp-content/themes/jupiter/assets/js/plugins/async/min/jquery.flexslider.js
Requested by: Host: www.login.safacrm.info
URL: https://www.login.safacrm.info/wp-includes/js/jquery/jquery4a5f.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f449ac138905f9cc7902e7d2822364a8032ee512441e4eaa3ca570a651fa6313

Request headers

Referer: https://www.login.safacrm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 20:58:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 20809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 17 Jun 2021 21:40:42 GMT
server: cloudflare
etag: W/"60cbc15a-56b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Df8V7XxglbAGKTrQhBVxHhGqCqUuITYClycWYxPR6I4CEl0pHfaAj1Qc6gsLsQRl%2FS0fmz8jRm5XSUDvHBFU1NzKNLlRpfu2EPoJPHDp%2Fatkqd1ekCzIJx7w7jrznAJ5%2FG2PEux5eBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 668acaef59371ea1-AMS

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rfihub.com/	1970-01-20 04:49:15	Name: rud Value: H4sIAAAAAAAAAOMSNrQwNzS1NDexNDM2tjA0MrO0NBfiM9QtTM1PTqsIDjAyDQiV4jU0MzI1MrU0NTS0NDAFAIwRn_A0AAAA
.login.safacrm.info/	1970-01-19 19:27:40	Name: __utmt_UA-80098170-1 Value: 1
.rfihub.com/	1970-01-20 04:49:15	Name: eud Value: H4sIAAAAAAAAAJvFyGtoZmRqZGppamhoaWC-Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwuN_wldPwsq_xYafxMrmnncaO5H4y8SRuU_QuMDANWTA6EwAQAA
.login.safacrm.info/	1970-01-19 19:27:41	Name: __utmb Value: 46763450.1.10.1625259512
.login.safacrm.info/	1970-01-19 23:50:27	Name: __utmz Value: 46763450.1625259512.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.login.safacrm.info/	1969-12-31 23:59:59	Name: __utmc Value: 46763450
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNzS1NDexNDM2tjA0MrO0NBfiM9QtTM1PTqsIDjAyDQgFAC98fWMlAAAA
.login.safacrm.info/	1970-01-20 12:58:51	Name: __utma Value: 46763450.249686013.1625259512.1625259512.1625259512.1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.login.safacrm.info/wp-includes/js/jquery/jquery-migrate.min330a.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://www.login.safacrm.info/wp-content/themes/jupiter/assets/js/min/full-scripts.6.5.39b33.js?ver=1588850834(Line 2) Message: 23423
console-api	log	URL: https://www.login.safacrm.info/wp-content/themes/jupiter/assets/js/min/full-scripts.6.5.39b33.js?ver=1588850834(Line 5) Message: ready for rock

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20797087p.rfihub.com
a.rfihub.com
aa.agkn.com
ads.yahoo.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cm.g.doubleclick.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
live.rezync.com
maps.google.com
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
ps.eyeota.net
ssl.google-analytics.com
stags.bluekai.com
sync-tm.everesttech.net
sync.search.spotxchange.com
www.googletagmanager.com
www.login.safacrm.info
www.weifieldcontracting.com
x.bidswitch.net
x.dlx.addthis.com
13.224.99.91
134.119.190.82
141.193.213.11
151.101.114.49
172.217.16.130
185.33.220.242
185.94.180.125
193.0.160.128
2.18.234.21
2.18.235.93
23.45.99.241
2600:1f18:612b:4216:b3d7:e742:13a8:bd05
2600:9000:2156:1e00:1:76cf:fe80:93a1
2a00:1288:80:800::7001
2a00:1450:4001:802::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
3.121.27.153
35.244.174.68
52.201.132.210
52.212.13.236
52.29.225.117
52.31.176.223
52.58.146.86
52.58.164.24
69.173.144.139
083981540a618dacdcc9c89fbab8abeccd6492d15ed093506b2f461b2b9750f9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16c7202a143aa5d51b0b7fe842a8e73f170cf45d51aa94d87d2649913e0c061d
194b28e0dc71aa64e5f0885ae370ed5a30acd63f701f9eaf141bc32c656dc8ef
1b4e2c3b84fe75916b109ac323d0eb39e3881a892f7b7a21970a0cb9e694b3d7
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20c444824e944cb050efa9dc18052c58b2cb12178cece83f2dea726beab95f77
2824e5dd755efb9b8299e94a2a8b87867e9fe038e873b6bbe70a0fd0c4f8d458
341097a731b4a090cae8d7a7c7bdcc78de39db93b28b7dfe1a252f1efe3b165e
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf
467f562eeac99b52ef938d9157b0c142e8d6bd15fcce0ee92b4b79a57f56e500
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49166e7b873e7fe8986eb3d8a4151b623b7c284f464a15e1621cfd64679193e6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
523f66c9700c41888b1857eadf379a6c0f79de41ae0b99076ba3234237e04571
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
5dba60e9fc7ae7a50bbc196e10773026184a389f1aa610a4ece104b3ce304004
5fd8b5cc2b0df02b90db6e2b43f9c87f39f8f0c76822319ea78a22479c6aeb65
66f1d9c4fc5099fe1296ef5690e6adfb3c765e9e7582f8ed29ee1810919ecb04
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
76506701c151bee9127b40f7b37a9460e4e78db66fbca4735319bbcb28e4faac
78d0a5576acfe67eb2bca800f1d1ac29d66e2c5ca565551f3f5813ebe5f5336a
7b7dbc21a17cbcc0afaeb8ecf73588aed3c522e1de6ce775b4a365a91776eed3
7c9e72fed9f647684a0437f185bf4ed620de7b49f236453256716b639ac56f04
7ea819c32bebb49aeb9678b2152d4802a5498ee44d85861b846745a06a1035c1
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f9a44c6380de9dad00c68412b2420fc5132e4013bf2f62d9daee5da9d151674
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851694f09a61e12df35b6888f75f43f49b14c1266a6d958e9a52fa1454ea083a
88669ca2309970900842b8488c4cdf73e1cde037dc18d489ee6f6c44182a53c7
89b3bb667432bca678f0d2529dafe50eb8670bfdc4d5ce12f91d314b087508b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1171c1acfba6934a84527c0bdb9f70c0f661bc6afbc9b6c2f36490345be95f6
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
a34b23e1530db4229eb0d4a3fb8e5ea9d48a19fdda5c6b5065ba1124b4e5daae
a3d0e213a155b3df829ab7f7f91328f758fb8e9e1e9eb94f29e0b48bbc18f9c5
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8c17e5dd0633499e73cab90d02e2ee089e60b718c6a917e9b1c3b418c15c179
bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c9a7a08241e50a7085c89518dff7cc3749f7e7667c2447395925a7c09fd3c766
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d9ab2ba01a96cf27be77de15c10f09d8fa28640876c906311ed426297b7972fb
df3dee8f005f8a28461fb8e49ab76a68df6fcb79a522bfe1c3bbf11c6e209124
dfc519eb2d0e5ac0e8cdbe86fef355135280c643df14fa9a8e6abd5820d01159
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43ff2b17f367a2e4d5fdf34624e358ca436e3c2e4d8d879185574388bc9ff85
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61ac08ccbbff6ae298e168c6d2fb069e5db7c122fe07f7e2e4ce1dbb01a58fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f449ac138905f9cc7902e7d2822364a8032ee512441e4eaa3ca570a651fa6313
f782f4ddb7cc5a929d72c89d3dfda867d6b28ebb1e82a0b34b2f48e524bdc389
f9a531090e98525f0cd6b9c17c07078dd98ab86abfc4bcbb823ebe2e714fd87f
fc8d15945da20b194a73006de8008b4a47e818684d49760280d9638b1d8f9825

www.login.safacrm.info Open in urlscan Pro 134.119.190.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

73 Requests

53 %HTTPS

29 %IPv6

29 Domains

31 Subdomains

24 IPs

5 Countries

820 kBTransfer

2961 kBSize

8 Cookies

0 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.login.safacrm.info Open in urlscan Pro
134.119.190.82 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

53 %
HTTPS

29 %
IPv6

29
Domains

31
Subdomains

24
IPs

5
Countries

820 kB
Transfer

2961 kB
Size

8
Cookies

73 HTTP transactions
0 data transactions