Submitted URL: http://covidproofbusinessloans.com/
Effective URL: https://arffinancial.force.com/portal/ARFUSOnly
Submission Tags: falconsandbox
Submission: On May 22 via api from US

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 26 HTTP transactions. The main IP is 13.109.185.151, located in United States and belongs to SALESFORCE, US. The main domain is arffinancial.force.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 14th 2020. Valid for: a year.
This is the only time arffinancial.force.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 (1 redirect) | 184.168.131.241 | 26496 (AS-26496-...)
13 | 13.109.185.151 | 14340 (SALESFORCE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 146.88.138.44 | 33438 (HIGHWINDS2)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 88.221.60.75 | 16625 (AKAMAI-AS)
1 | 54.192.219.92 | 16509 (AMAZON-02)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 54.192.219.3 | 16509 (AMAZON-02)
1 | 52.84.49.97 | 16509 (AMAZON-02)
1 | 198.145.13.14 | 2044 (IINET-2044)
Total: 26 requests, 13 IPs

Requests | Domain | Requested by
13 | arffinancial.force.com | arffinancial.force.com
2 | munchkin.marketo.net | arffinancial.force.com, munchkin.marketo.net
1 | win.staticstuff.net | hello.staticstuff.net
1 | vars.hotjar.com | static.hotjar.com
1 | script.hotjar.com | static.hotjar.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | static.hotjar.com | arffinancial.force.com
1 | hello.staticstuff.net | arffinancial.force.com
1 | cdn.daddyanalytics.com | arffinancial.force.com
1 | ajax.googleapis.com | arffinancial.force.com
1 | cdnjs.cloudflare.com | arffinancial.force.com
1 | netdna.bootstrapcdn.com | arffinancial.force.com
1 | fonts.googleapis.com | arffinancial.force.com
1 | covidproofbusinessloans.com | (1 redirect)
Total: 26 requests, 14 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
*.na151.force.com | DigiCert SHA2 Secure Server CA | 2020-07-14 - 2021-07-13 | a year
upload.video.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year
cdn.daddyanalytics.com | Sectigo RSA Domain Validation Secure Server CA | 2020-12-20 - 2022-01-20 | a year
*.marketo.net | DigiCert SHA2 Secure Server CA | 2021-03-29 - 2022-04-06 | a year
*.hotjar.com | Amazon | 2020-12-25 - 2022-01-23 | a year
*.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
win.staticstuff.net | Sectigo RSA Domain Validation Secure Server CA | 2021-02-09 - 2022-03-12 | a year

This page contains 2 frames:

Primary Page: https://arffinancial.force.com/portal/ARFUSOnly
Frame ID: 022BEA14DAD386565AECB413B2DBF7BB
Requests: 25 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: B173784669B92F970BE90A71BDA975CB
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+(?:-?rc[.\d]*)*)\/angular(?:\.min)?\.js/i
  • script /angular.*\.js/i

Overall confidence: 100%
Detected patterns
  • html /(?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /lodash.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /munchkin\.marketo\.net\/munchkin\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

  • 26 Requests
  • 100 % HTTPS
  • 43 % IPv6
  • 10 Domains
  • 14 Subdomains
  • 13 IPs
  • 2 Countries
  • 355 kB Transfer
  • 1065 kB Size
  • 8 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://covidproofbusinessloans.com/ HTTP 301
    https://arffinancial.force.com/portal/ARFRegistration?RPId=0034y00002Cd0j8AAB Page URL
  2. https://arffinancial.force.com/portal/ARFUSOnly Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://covidproofbusinessloans.com/ HTTP 301
  • https://arffinancial.force.com/portal/ARFRegistration?RPId=0034y00002Cd0j8AAB

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set ARFRegistration
arffinancial.force.com/portal/
Redirect Chain
  • http://covidproofbusinessloans.com/
  • https://arffinancial.force.com/portal/ARFRegistration?RPId=0034y00002Cd0j8AAB
524 B
940 B
Document
General
Full URL
https://arffinancial.force.com/portal/ARFRegistration?RPId=0034y00002Cd0j8AAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/ Salesforce.com ApexPages
Resource Hash
326ff9c737ff7e059dc61b832081aa80a9137d0615f5cd49af27f6ad48961360

Request headers

Host
arffinancial.force.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sat, 22 May 2021 22:57:51 GMT
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Set-Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; domain=.force.com; path=/; expires=Sun, 22-May-2022 22:57:51 GMT; Max-Age=31536000 BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A; domain=.force.com; path=/; expires=Sun, 22-May-2022 22:57:51 GMT; Max-Age=31536000; secure; SameSite=None
X-Powered-By
Salesforce.com ApexPages
P3P
CP="CUR OTR STA"
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Server
nginx/1.16.1
Date
Sat, 22 May 2021 22:57:50 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Location
https://arffinancial.force.com/portal/ARFRegistration?RPId=0034y00002Cd0j8AAB
Primary Request ARFUSOnly
arffinancial.force.com/portal/
15 KB
4 KB
Document
General
Full URL
https://arffinancial.force.com/portal/ARFUSOnly
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFRegistration?RPId=0034y00002Cd0j8AAB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/ Salesforce.com ApexPages
Resource Hash
9949456ce35e64ea7c9aba42d4f4e15bc062c835d288fdf4f60f7feb79286cba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Xss-Protection 0

Request headers

Host
arffinancial.force.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://arffinancial.force.com/portal/ARFRegistration?RPId=0034y00002Cd0j8AAB
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A

Response headers

Date
Sat, 22 May 2021 22:57:51 GMT
Cache-Control
public,must-revalidate,max-age=0,s-maxage=600
X-Powered-By
Salesforce.com ApexPages
P3P
CP="CUR OTR STA"
Expires
Sat, 22 May 2021 22:57:51 GMT
Last-Modified
Sat, 22 May 2021 22:57:51 GMT
X-XSS-Protection
0
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
stub.js
arffinancial.force.com/portal/static/111213/js/perf/
1 KB
943 B
Script
General
Full URL
https://arffinancial.force.com/portal/static/111213/js/perf/stub.js
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/
Resource Hash
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
arffinancial.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://arffinancial.force.com/portal/ARFUSOnly
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A
Connection
keep-alive

Response headers

Date
Mon, 17 May 2021 13:13:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Dec 2014 19:28:42 GMT
Age
467068
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Accept-Ranges
bytes
Content-Length
618
Expires
Tue, 14 Sep 2021 13:13:24 GMT
jquery.min.js
arffinancial.force.com/portal/resource/1527153562000/ARF_JS/js/
95 KB
33 KB
Script
General
Full URL
https://arffinancial.force.com/portal/resource/1527153562000/ARF_JS/js/jquery.min.js
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/
Resource Hash
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
arffinancial.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://arffinancial.force.com/portal/ARFUSOnly
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A
Connection
keep-alive

Response headers

Date
Mon, 17 May 2021 05:22:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 May 2018 09:19:22 GMT
Age
495306
X-FRAME-OPTIONS
SAMEORIGIN
Vary
Accept-Encoding
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Content-Type
application/x-javascript
Content-Length
33805
X-XSS-Protection
0
Expires
Thu, 01 Jul 2021 05:22:46 GMT
jquery-ui.min.js
arffinancial.force.com/portal/resource/1527153562000/ARF_JS/js/
248 KB
67 KB
Script
General
Full URL
https://arffinancial.force.com/portal/resource/1527153562000/ARF_JS/js/jquery-ui.min.js
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/
Resource Hash
e247f8b32bfc8600fa6d19a43022a9220c104998612d0646e94d2c3332612246
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
arffinancial.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://arffinancial.force.com/portal/ARFUSOnly
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A
Connection
keep-alive

Response headers

Date
Sat, 22 May 2021 17:13:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 May 2018 09:19:22 GMT
Age
20635
X-FRAME-OPTIONS
SAMEORIGIN
Vary
Accept-Encoding
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Content-Type
application/x-javascript
Content-Length
67787
X-XSS-Protection
0
Expires
Tue, 06 Jul 2021 17:13:57 GMT
bootstrap.min.js
arffinancial.force.com/portal/resource/1527153562000/ARF_JS/js/
36 KB
10 KB
Script
General
Full URL
https://arffinancial.force.com/portal/resource/1527153562000/ARF_JS/js/bootstrap.min.js
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
arffinancial.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://arffinancial.force.com/portal/ARFUSOnly
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A
Connection
keep-alive

Response headers

Date
Wed, 19 May 2021 00:39:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 May 2018 09:19:22 GMT
Age
339480
X-FRAME-OPTIONS
SAMEORIGIN
Vary
Accept-Encoding
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Content-Type
application/x-javascript
Content-Length
9743
X-XSS-Protection
0
Expires
Sat, 03 Jul 2021 00:39:52 GMT
bootstrap.min.css
arffinancial.force.com/portal/resource/1594904941000/ARF_CSS/css/
120 KB
20 KB
Stylesheet
General
Full URL
https://arffinancial.force.com/portal/resource/1594904941000/ARF_CSS/css/bootstrap.min.css
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/
Resource Hash
be4e2bdba9e0c981f86db60fac11798607e8e66ca9da78a3937b40674ab75a65
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
arffinancial.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://arffinancial.force.com/portal/ARFUSOnly
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A
Connection
keep-alive

Response headers

Date
Thu, 20 May 2021 20:26:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jul 2020 13:09:01 GMT
Age
181860
X-FRAME-OPTIONS
SAMEORIGIN
Vary
Accept-Encoding
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Content-Type
text/css
Content-Length
19945
X-XSS-Protection
0
Expires
Sun, 04 Jul 2021 20:26:52 GMT
jquery-ui.min.css
arffinancial.force.com/portal/resource/1527153562000/ARF_JS/js/
30 KB
8 KB
Stylesheet
General
Full URL
https://arffinancial.force.com/portal/resource/1527153562000/ARF_JS/js/jquery-ui.min.css
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/
Resource Hash
602c095d503dd416b77efd1c0c28d69e69219c404af969f26e97cf2826d04c45
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
arffinancial.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://arffinancial.force.com/portal/ARFUSOnly
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A
Connection
keep-alive

Response headers

Date
Sat, 22 May 2021 17:13:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 May 2018 09:19:22 GMT
Age
20635
X-FRAME-OPTIONS
SAMEORIGIN
Vary
Accept-Encoding
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Content-Type
text/css
Content-Length
7604
X-XSS-Protection
0
Expires
Tue, 06 Jul 2021 17:13:57 GMT
custom.css
arffinancial.force.com/portal/resource/1594904941000/ARF_CSS/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://arffinancial.force.com/portal/resource/1594904941000/ARF_CSS/css/custom.css
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/
Resource Hash
1702b2236c00899a18deed80c351f2fb1ee511d086300d2a50446707e92821cf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
arffinancial.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://arffinancial.force.com/portal/ARFUSOnly
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A
Connection
keep-alive

Response headers

Date
Tue, 18 May 2021 06:57:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jul 2020 13:09:01 GMT
Age
403240
X-FRAME-OPTIONS
SAMEORIGIN
Vary
Accept-Encoding
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Content-Type
text/css
Content-Length
5026
X-XSS-Protection
0
Expires
Fri, 02 Jul 2021 06:57:12 GMT
NetworkTracking.js
arffinancial.force.com/portal/jslibrary/1605126154230/sfdc/
4 KB
2 KB
Script
General
Full URL
https://arffinancial.force.com/portal/jslibrary/1605126154230/sfdc/NetworkTracking.js
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/
Resource Hash
7356a67656e9bb1d847467ed660072975deb34343b23119bde1566bb7b085fb8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
arffinancial.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://arffinancial.force.com/portal/ARFUSOnly
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A
Connection
keep-alive

Response headers

Date
Tue, 18 May 2021 15:16:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 May 2021 20:44:18 GMT
Age
373265
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Accept-Ranges
bytes
Content-Length
1545
Expires
Wed, 15 Sep 2021 15:16:47 GMT
css
fonts.googleapis.com/
11 KB
914 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Raleway:400,600,700
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c8d0019d19ef52e6c417c34e52a71dc19c992bc8c6d45bf368208db8fff400b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://arffinancial.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 22 May 2021 22:57:52 GMT
server
ESF
date
Sat, 22 May 2021 22:57:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 May 2021 22:57:52 GMT
bootstrap-glyphicons.css
netdna.bootstrapcdn.com/bootstrap/3.0.0/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap-glyphicons.css
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca64645c22680035acdd8149902fda928c381cafbeab0b628b5542a7323ee0e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://arffinancial.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 22:57:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
5277131
cdn-cachedat
2021-03-11 12:01:49
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a37e5ad8d000005b7dea0f000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
7caec9e0ec065fa570dbd9bc21b9defb
cf-ray
6539a55c1e8905b7-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
lodash.min.js
cdnjs.cloudflare.com/ajax/libs/lodash.js/0.10.0/
18 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lodash.js/0.10.0/lodash.min.js
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
958c2ecbdd6c6708cf566ceb9b10ffd133ceef822ce81ef460db8ca29e44bcb5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://arffinancial.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 22:57:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
580573
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6419
cf-request-id
0a37e5ad7f0000d709d6bfe000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed2-464d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BhaqfyHAjqm3FNa9zQ13BO26clCYHvaVarc57%2BTitBsIPZuH0BIlM0gNICOBlBO8frHz50mF1zgtQvpMotERV5ViYBOFppzkkmMLfigVan5neVFbkKOMXqH7EEr8DbZq9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6539a55bf894d709-FRA
expires
Thu, 12 May 2022 22:57:52 GMT
angular.min.js
ajax.googleapis.com/ajax/libs/angularjs/1.3.14/
123 KB
45 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.3.14/angular.min.js
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79ff1591234ea9434d7f96516781130625b1880ba4fa8eb965b278337e11f8ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arffinancial.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:43:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119648
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46375
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 May 2022 13:43:44 GMT
daddy.js
cdn.daddyanalytics.com/w2/
4 KB
2 KB
Script
General
Full URL
https://cdn.daddyanalytics.com/w2/daddy.js
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.88.138.44 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5bfa8a300ce6a51b3f2d52e0e23c10b73084b26c86e434b7c66211c638ce15ec

Request headers

Referer
https://arffinancial.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 22:57:52 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Apr 2014 09:17:53 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
EJ7J4QDPZ7H2P2FJ
ETag
W/"fdce38471f3bca30ee50cda983861138"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/x-javascript
Connection
keep-alive
x-amz-id-2
ncFtvpcJ510mfBAh/b6+x17EHjOuM2lmYdBWa86o3QynucuHlarNQSe0X6x6y+9cV/+0o7nnKJg=
__stats.js
hello.staticstuff.net/w/
15 KB
6 KB
Script
General
Full URL
https://hello.staticstuff.net/w/__stats.js
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9207e08553cdc8400560c9a755854babaf93b9d3abc4f6a7a35f60c2e0abec6

Request headers

Referer
https://arffinancial.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 22:57:52 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
884
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
6539a55c2f2b4ed3-FRA
x-proxy-cache
HIT
cf-request-id
0a37e5ad9b00004ed349934000000001
expires
Sat, 29 May 2021 22:57:52 GMT
ARF_Exclamation
arffinancial.force.com/portal/resource/1530290590000/
3 KB
4 KB
Image
General
Full URL
https://arffinancial.force.com/portal/resource/1530290590000/ARF_Exclamation
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/
Resource Hash
52dc2a3fa163bb2f96ef73c192a456f1b8b3efbf7fd2b50af4a16d2df4fc6af8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
arffinancial.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://arffinancial.force.com/portal/ARFUSOnly
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A
Connection
keep-alive

Response headers

Date
Thu, 20 May 2021 03:28:21 GMT
Last-Modified
Fri, 29 Jun 2018 16:43:10 GMT
Age
242971
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Content-Type
image/png
Content-Length
3375
X-XSS-Protection
0
Expires
Sun, 04 Jul 2021 03:28:21 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fda1fb640da96d01d0af5a1e96b524c5d099e8a1345edae5beef24b9d39a653c

Request headers

Referer
https://arffinancial.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 22 May 2021 22:57:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 May 2021 03:42:28 GMT
Server
AkamaiNetStorage
ETag
"3f6637fc1dc79a5409c94151ce4e9ad0:1620963748.318501"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
760
hotjar-940204.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-940204.js?sv=6
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-92.mrs52.r.cloudfront.net
Software
/
Resource Hash
70c8e018c66f537fd4aee50af6dddc432ac5e6ab1fb412e451e0fecfd6934b60
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arffinancial.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 22:57:52 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
MRS52-P2
etag
W/612da1765373b66367a721900238af2b
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
content-length
1914
via
1.1 ee464261ee466fae8314a91098b35372.cloudfront.net (CloudFront)
x-amz-cf-id
ZAlpiei49tH047FOnqBhOUJtxP4_zuu0ii3yV3o7P29_1ABuQurkWg==
munchkin.js
munchkin.marketo.net/159/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/159/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
https://arffinancial.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 22:57:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 May 2020 02:24:14 GMT
Server
AkamaiNetStorage
ETag
"79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4810
Expires
Mon, 30 Aug 2021 22:57:52 GMT
ARFMerchantApp_Background.jpg
arffinancial.force.com/portal/resource/1543930344000/ARF_Images/images/background/
52 KB
52 KB
Image
General
Full URL
https://arffinancial.force.com/portal/resource/1543930344000/ARF_Images/images/background/ARFMerchantApp_Background.jpg
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/ARFUSOnly
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/
Resource Hash
3a97fc6719a40003ac1e9d541456d065ba7bb59a5e39672e56e0f6d7a463a9e2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
arffinancial.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://arffinancial.force.com/portal/ARFUSOnly
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A
Connection
keep-alive

Response headers

Date
Sat, 22 May 2021 02:18:10 GMT
Last-Modified
Tue, 4 Dec 2018 13:32:24 GMT
Age
74382
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Content-Type
image/jpeg
Content-Length
53179
X-XSS-Protection
0
Expires
Tue, 06 Jul 2021 02:18:10 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Raleway:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://arffinancial.force.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
age
350746
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
expires
Wed, 18 May 2022 21:32:06 GMT
modules.0d0a898aa455aaa7acd5.js
script.hotjar.com/
219 KB
58 KB
Script
General
Full URL
https://script.hotjar.com/modules.0d0a898aa455aaa7acd5.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-940204.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-3.mrs52.r.cloudfront.net
Software
/
Resource Hash
6344ba60b5407714ea496dc2195e55d55a0de6446844786b976a5df387283dd2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arffinancial.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 12:09:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
125327
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59007
access-control-allow-origin
*
last-modified
Fri, 21 May 2021 12:08:20 GMT
etag
"93ac925b3658bdcc78077b657a6a72f4"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ab94358e0d2d36f8b4f6ff94645b8b39.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
kmYEHYQ4KI9IM8yLuXjYIEHpcyvNf6PF4Olw6yUPrNsS_PcHMEu_pA==
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame B173
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-940204.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.49.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-49-97.mrs52.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-21ccaa45726c0f3c8c458f7a87eb2298.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://arffinancial.force.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
1044
date
Thu, 20 May 2021 13:17:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Thu, 20 May 2021 13:16:24 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f1f5d974f7fdb5d7a316f8977e43daae.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
x-amz-cf-id
qjvRypMaUhvQGsMYCmHIudQkXaYrt6KZ4NmMlMeELOq6xowDHG6W5w==
age
207647
in.php
win.staticstuff.net/
155 B
450 B
Script
General
Full URL
https://win.staticstuff.net/in.php?site_id=100706955&type=pageview&href=%2Fportal%2FARFUSOnly&title=ARF%20-%20Quote&res=1600x1200&lang=en&custom[DaddyAnalytics]=1621724272494-9090142&jsuid=972786955&mime=js&x=0.6328049230820347
Requested by
Host: hello.staticstuff.net
URL: https://hello.staticstuff.net/w/__stats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.14 Portland, United States, ASN2044 (IINET-2044, US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
01531e0e290979c4503c5e76643c2b4a24a9d1d9cb829720d474f6b41f4a756a

Request headers

Referer
https://arffinancial.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 22:57:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set NetworkTrackingServlet
arffinancial.force.com/portal/_ui/networks/tracking/
0
357 B
XHR
General
Full URL
https://arffinancial.force.com/portal/_ui/networks/tracking/NetworkTrackingServlet
Requested by
Host: arffinancial.force.com
URL: https://arffinancial.force.com/portal/jslibrary/1605126154230/sfdc/NetworkTracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.185.151 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c5-iad4.na151-ia4.force.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Origin
https://arffinancial.force.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
Cookie
BrowserId=Iq-_ArtREeu7rQ_YhvCc5A; BrowserId_sec=Iq-_ArtREeu7rQ_YhvCc5A; _first_pageview=1; _jsuid=972786955; _hjTLDTest=1; _hjid=20ee4a9a-ea22-4b7b-ae06-890aa7b704c3; _hjFirstSeen=1; heatmaps_g2g_100706955=yes
Connection
keep-alive
Content-Length
183
Pragma
no-cache
Host
arffinancial.force.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://arffinancial.force.com/portal/ARFUSOnly
Sec-Fetch-Site
same-origin

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Set-Cookie
pctrk=359a17b3-7bf9-445f-bbfc-ebb5e2e6c050; domain=arffinancial.force.com; path=/; expires=Sun, 22-May-2022 22:57:54 GMT; Max-Age=31536000; secure; SameSite=None
Content-Type
application/json; charset=UTF-8

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| PerfConstants object| PerfLogLevel object| Perf function| $ function| jQuery object| jQuery1124032909690327342767 object| NetworkTracking object| UITheme function| _ object| angular function| openSuccessStories function| daddy_init string| da_data object| clicky_custom object| clicky_obj object| clicky undefined| test object| clicky_site_ids object| _genericStats object| _genericStatsCustom function| hj object| _hjSettings function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

8 Cookies

Domain/Path Name Value
.arffinancial.force.com/ heatmaps_g2g_100706955 yes
.force.com/ _hjid 20ee4a9a-ea22-4b7b-ae06-890aa7b704c3
.force.com/ _hjTLDTest 1
.arffinancial.force.com/ _jsuid 972786955
.force.com/ BrowserId_sec Iq-_ArtREeu7rQ_YhvCc5A
.arffinancial.force.com/ _first_pageview 1
.force.com/ _hjFirstSeen 1
.force.com/ BrowserId Iq-_ArtREeu7rQ_YhvCc5A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
