www.rfgroup.com Open in urlscan Pro
2606:4700:20::681a:113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://royalfidelity.com/
Effective URL:
https://www.rfgroup.com/
Submission: On August 12 via automatic, source certstream-suspicious (August 12th 2024, 8:16:50 am UTC) — Scanned from CA

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 1 countries across 11 domains to perform 34 HTTP transactions. The main IP is 2606:4700:20::681a:113, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rfgroup.com.
TLS certificate: Issued by WE1 on July 24th 2024. Valid for: 3 months.

This is the only time www.rfgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3034::ac43:80f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:400d:c09::61	15169 (GOOGLE) (GOOGLE)
2	173.194.207.97 173.194.207.97	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c03::5f	15169 (GOOGLE) (GOOGLE)
2	173.194.66.104 173.194.66.104	15169 (GOOGLE) (GOOGLE)
1	74.125.192.154 74.125.192.154	15169 (GOOGLE) (GOOGLE)
1 2	209.85.201.148 209.85.201.148	15169 (GOOGLE) (GOOGLE)
1	173.194.207.148 173.194.207.148	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c07::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c01::8a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	74.125.192.94 74.125.192.94	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c01::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::65	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c09::9d	15169 (GOOGLE) (GOOGLE)
1 9	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
34	16

2 2606:4700:3034::ac43:80f5 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

royalfidelity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.royalfidelity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:113 (United States)

ASN13335 (CLOUDFLARENET, US)

www.rfgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c09::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.207.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c03::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.66.104 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.192.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.85.201.148 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qu-in-f148.1e100.net

9010127.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c01::8a (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.192.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c01::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::65 (Washington, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c09::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 108	7 KB
6	rfgroup.com www.rfgroup.com	115 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 9010127.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	363 KB
3	google.com www.google.com — Cisco Umbrella Rank: 10 analytics.google.com — Cisco Umbrella Rank: 238	64 B
2	google.ca www.google.ca — Cisco Umbrella Rank: 9677	127 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	75 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641 fonts.googleapis.com — Cisco Umbrella Rank: 110	8 KB
2	royalfidelity.com 2 redirects royalfidelity.com www.royalfidelity.com	1 KB
1	gstatic.com fonts.gstatic.com	48 KB
34	11

	Domain	Requested by
9	www.facebook.com	1 redirects www.rfgroup.com
6	www.rfgroup.com	www.rfgroup.com
4	www.googletagmanager.com	www.rfgroup.com www.googletagmanager.com
2	www.google.ca	www.rfgroup.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	9010127.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google.com	www.googletagmanager.com www.rfgroup.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ad.doubleclick.net	www.rfgroup.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	ajax.googleapis.com	www.rfgroup.com
1	www.royalfidelity.com	1 redirects
1	royalfidelity.com	1 redirects
34	17

This site contains no links.

Subject Issuer	Validity	Valid
rfgroup.com WE1	`2024-07-24` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.google.ca WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.rfgroup.com/
Frame ID: 2EF99C8F101C7C55B5435183D20A5342
Requests: 33 HTTP requests in this frame

Frame: https://9010127.fls.doubleclick.net/activityi;dc_pre=CPKThOmB74cDFd60ywEdfSUPCQ;src=9010127;type=dv360;cat=rf_ba0;ord=468526813242;npa=0;auiddc=2044502815.1723450605;ps=1;pcor=1319503975;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188120879za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.rfgroup.com%2F
Frame ID: BA2EDB1458DD227048DF6348D4E0CA9B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RF - Leading Investment Firm

Page URL History Show full URLs

https://royalfidelity.com/ HTTP 301
https://www.royalfidelity.com/ HTTP 301
https://www.rfgroup.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

34
Requests

97 %
HTTPS

65 %
IPv6

11
Domains

17
Subdomains

16
IPs

1
Countries

638 kB
Transfer

2111 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://royalfidelity.com/ HTTP 301
https://www.royalfidelity.com/ HTTP 301
https://www.rfgroup.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://9010127.fls.doubleclick.net/activityi;src=9010127;type=dv360;cat=rf_ba0;ord=468526813242;npa=0;auiddc=2044502815.1723450605;ps=1;pcor=1319503975;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188120879za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.rfgroup.com%2F HTTP 302
https://9010127.fls.doubleclick.net/activityi;dc_pre=CPKThOmB74cDFd60ywEdfSUPCQ;src=9010127;type=dv360;cat=rf_ba0;ord=468526813242;npa=0;auiddc=2044502815.1723450605;ps=1;pcor=1319503975;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188120879za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.rfgroup.com%2F

Request Chain 26

https://www.facebook.com/tr/?id=1041935306633544&ev=PageView&dl=https%3A%2F%2Fwww.rfgroup.com%2F&rl=&if=false&ts=1723450605755&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1723450605750.304250676907730939&cs_est=true&ler=empty&cdl=API_unavailable&it=1723450605615&coo=false&tm=1&rqm=GET HTTP 302
https://www.facebook.com/tr/?redirect=0&rqm=GET&tm=1&coo=false&it=1723450605615&cdl=API_unavailable&ler=empty&cs_est=true&fbp=fb.1.1723450605750.304250676907730939&o=4126&ec=0&a=tmSimo-GTM-WebTemplate&r=stable&v=2.9.164&sh=1200&sw=1600&ts=1723450605755&if=false&rl=&dl=https%3A%2F%2Fwww.rfgroup.com%2F&ev=PageView&id=1041935306633544

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rfgroup.com/
Redirect Chain

https://royalfidelity.com/
https://www.royalfidelity.com/
https://www.rfgroup.com/

5 KB
2 KB

650ms
538ms

Document
text/html

2606:4700:20::681a:113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rfgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.37
Resource Hash: 8b725fbfb37ef4d59cd30cb2762af709e9b607a7a3de5959ea45487231776409

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=1, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b1f06652f1baaa4-YYZ
content-encoding: gzip
content-length: 1749
content-type: text/html; charset=UTF-8
date: Mon, 12 Aug 2024 08:16:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwurS760L1isKGAjMakj6m3CnjTyseHCPnjpXkrZ79t%2BkhCrqcd9K8Yb2q%2BDIHdidgStmYpZhrGr91ml5cUwiKhMVTyrK2WFxeWK5n5o%2B2V15wtbu2qQqApaeTZdtXU%2BXImaVv2moTP23zw2sA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/5.6.37

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=300
cf-cache-status: DYNAMIC
cf-ray: 8b1f0662f99e36ae-YYZ
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Aug 2024 08:16:44 GMT
expires: Mon, 12 Aug 2024 08:21:44 GMT
location: https://www.rfgroup.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRIuf63nVJMt6v%2BEIhZqhz%2FNuqNIoE1Xmbc1wY%2FGTRUJdlGYRzbN1Zd8EF9TMC%2FobOrY6jkuHWNIGzWIK5%2Bnfa4mYCU5oIR6vD2XKuX1Ud%2B95VUxcKgp9IwvlykvdX9rNphPvnsAYGYezF1dCYO9KHa6sEE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 main.css
www.rfgroup.com/Themes/ThemeDefault/css/ 614 KB
87 KB 303ms
302ms Stylesheet
text/css 2606:4700:20::681a:113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rfgroup.com/Themes/ThemeDefault/css/main.css
Requested by: Host: www.rfgroup.com
URL: https://www.rfgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96fe3fd5a196f290d4ae36c1c08df7bf2f4d3215bf25a8890f9709955795dcec

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 08:16:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 24 Jul 2023 14:33:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "998ea-6013c7ee64d73-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B7Usif4GWtrEun1gxaLFAoMlDWitTwJ8%2BjsWPZ1SmsYGedikhHJ4LLCX7O4JG9Y6XJd97clqSQLjni%2F0nmyBvun0TOzemz%2B6vsg9MUV79r5gfjEpw4O7az0Nn4jVn02ByfXMygJF7WXzNk5UYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8b1f0668984daaa4-YYZ
expires: Mon, 12 Aug 2024 09:16:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
83 KB 137ms
59ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11171277238

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37d7198f831a9f46f04fd3339cbfa4009dfc3da9deb63d2df7db56020f46d0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 08:16:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84315
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Aug 2024 08:16:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
77 KB 60ms
59ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9010127

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

943010e3a52908879cb6bd75cfb525545a181fc3e3dd78138f25f7e641dca974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 08:16:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78435
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Aug 2024 08:16:45 GMT

GET
H2 200 landing-logo.png
www.rfgroup.com/Themes/ThemeDefault/images/ 2 KB
2 KB 265ms
265ms Image
image/png 2606:4700:20::681a:113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rfgroup.com/Themes/ThemeDefault/images/landing-logo.png
Requested by: Host: www.rfgroup.com
URL: https://www.rfgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 742a0522f0fff39b954f98740c7bd1a740fe8a10547a4f3b4fa7c1aa0f1061a1

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 08:16:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 28 Jul 2020 10:10:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "91b-5ab7da7adcc00-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ofOQbEWx%2FZkP5ovyG7%2FWsgG5pPtYTHFj3STs1dCJliBAmOix1RLCJEFuDwxpUHxnN47m4PPj4l%2B7VOda3efMMtTOLWeEDg8HCGHH%2F6K0wtN6WAriZspTtuFbGrsBp259gk%2BXifbDhNL8DVJhiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8b1f0668984faaa4-YYZ
content-length: 1777
expires: Mon, 19 Aug 2024 08:16:45 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
102 KB 64ms
63ms Script
application/javascript 173.194.207.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TT3FN4Q

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.207.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

bd7e776f79d243287e7b24e6654e73cb0c12736f68123847fff643895a55e333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 08:16:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103947
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Aug 2024 08:16:45 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 16 KB
7 KB 115ms
38ms Script
text/javascript 2607:f8b0:400d:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 20:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 559330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6490
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Aug 2025 20:54:35 GMT

GET
H2 200 landing-bg.png
www.rfgroup.com/Themes/ThemeDefault/images/ 13 KB
12 KB 248ms
247ms Image
image/png 2606:4700:20::681a:113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rfgroup.com/Themes/ThemeDefault/images/landing-bg.png
Requested by: Host: www.rfgroup.com
URL: https://www.rfgroup.com/Themes/ThemeDefault/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 440cde7d77063b871e78ad95ecde130eda9d61f7879c4e989083c57179d68c14

Request headers

Referer: https://www.rfgroup.com/Themes/ThemeDefault/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 08:16:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2019 01:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "327e-584684903bc00-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=POlhyWKO%2Fa%2FmhthUVPP7Ws%2FaSsk3pkdT1LUqZF4mXsQJJe1t3bdmEPR1bAPPH6AFVCANQ98cXkvnrUdxbJcr2JVhl4jRX%2FqPnC0eiwcgimk6POivYSDfmcQoXvbCG4U%2FOiFBJwuvBxlsWF8aKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8b1f066af8e4aaa4-YYZ
content-length: 11494
expires: Mon, 19 Aug 2024 08:16:45 GMT

GET
H2 200 flag-icon01.png
www.rfgroup.com/Themes/ThemeDefault/images/ 10 KB
10 KB 254ms
254ms Image
image/png 2606:4700:20::681a:113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rfgroup.com/Themes/ThemeDefault/images/flag-icon01.png
Requested by: Host: www.rfgroup.com
URL: https://www.rfgroup.com/Themes/ThemeDefault/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd2141d5f3ae98355a461f2a34832f597353f4dd54cebf2bbc2714ded11d29a4

Request headers

Referer: https://www.rfgroup.com/Themes/ThemeDefault/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 08:16:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2019 16:58:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2987-58bc441012c00-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RuRIZboj%2FHCtSo5HVhklNFVfHAIDckfPMTOf3LI3qAqTOcUZYPaSOezZCBw7p3gld7PviY9imsenykBT4I%2FzE4JwBn18ENuq5RDhrYGJDiooucWrRSmRLuYDx4o%2FZ%2FPKo9kBv%2BrJsil5k319Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8b1f066af8e5aaa4-YYZ
content-length: 10399
expires: Mon, 19 Aug 2024 08:16:45 GMT

POST
H3 200 collect
www.google.com/ccm/ 0
0 127ms
50ms Ping
text/html 173.194.66.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.rfgroup.com%2F&frm=0&rnd=1375116911.1723450605&auid=2044502815.1723450605&npa=0&gtm=45be4880za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&tft=1723450605308&tfd=1720&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11171277238
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.194.66.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qo-in-f104.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11171277238/ 3 KB
1 KB 124ms
49ms Script
text/javascript 74.125.192.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11171277238/?random=1723450605302&cv=11&fst=1723450605302&bg=ffffff&guid=ON&async=1&gtm=45be4880za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rfgroup.com%2F&hn=www.googleadservices.com&frm=0&tiba=RF%20-%20Leading%20Investment%20Firm&npa=0&pscdl=noapi&auid=2044502815.1723450605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11171277238

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.192.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f154.1e100.net

Software

cafe /

Resource Hash

2abe01131aa6af11d24804fa6ce37b10fd3e992368851c89220068e5bead75ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 08:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1361
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CPKThOmB74cDFd60ywEdfSUPCQ;src=9010127;type=dv360;cat=rf_ba0;ord=468526813242;npa=0;auiddc=2044502815.1723450605;ps=1;pcor=1319503975;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
9010127.fls.doubleclick.net/ Frame BA2E
Redirect Chain

https://9010127.fls.doubleclick.net/activityi;src=9010127;type=dv360;cat=rf_ba0;ord=468526813242;npa=0;auiddc=2044502815.1723450605;ps=1;pcor=1319503975;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
https://9010127.fls.doubleclick.net/activityi;dc_pre=CPKThOmB74cDFd60ywEdfSUPCQ;src=9010127;type=dv360;cat=rf_ba0;ord=468526813242;npa=0;auiddc=2044502815.1723450605;ps=1;pcor=1319503975;uaa=;uab=;...

0
0

54ms
52ms

Document
text/html

209.85.201.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9010127.fls.doubleclick.net/activityi;dc_pre=CPKThOmB74cDFd60ywEdfSUPCQ;src=9010127;type=dv360;cat=rf_ba0;ord=468526813242;npa=0;auiddc=2044502815.1723450605;ps=1;pcor=1319503975;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188120879za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.rfgroup.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9010127

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.201.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 321
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Aug 2024 08:16:45 GMT
expires: Mon, 12 Aug 2024 08:16:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Aug 2024 08:16:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9010127.fls.doubleclick.net/activityi;dc_pre=CPKThOmB74cDFd60ywEdfSUPCQ;src=9010127;type=dv360;cat=rf_ba0;ord=468526813242;npa=0;auiddc=2044502815.1723450605;ps=1;pcor=1319503975;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188120879za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.rfgroup.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=9010127;type=dv360;cat=rf_ba0;ord=468526813242;npa=0;auiddc=2044502815.1723450605;ps=1;pcor=1319503975;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;f...
ad.doubleclick.net/ 0
23 B 142ms
100ms Image
image/png 173.194.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=9010127;type=dv360;cat=rf_ba0;ord=468526813242;npa=0;auiddc=2044502815.1723450605;ps=1;pcor=1319503975;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9188120879za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.rfgroup.com%2F?

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.207.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f148.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 08:16:45 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"18318847709754236335"}],"aggregatable_trigger_data":[{"filters":[{"14":["14428315"]}],"key_piece":"0x8d26b1dea7135ef3","source_keys":["12","13","14","15","16","17","18","19","20","21","628482872","628482873","628482874","628482875","634763888","634763889","634763890","634763891","634994288","634994289","634994290","634994291"]},{"key_piece":"0x160359ebb8fd9a29","not_filters":{"14":["14428315"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628482872","628482873","628482874","628482875","634763888","634763889","634763890","634763891","634994288","634994289","634994290","634994291"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628482872":65,"628482873":65,"628482874":65,"628482875":6356,"634763888":655,"634763889":655,"634763890":655,"634763891":63569,"634994288":65,"634994289":65,"634994290":65,"634994291":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"13000741939727154627","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"18318847709754236335","filters":[{"14":["14428315"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"18318847709754236335","filters":[{"14":["14428315"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"18318847709754236335","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"18318847709754236335","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9010127"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1012 B 124ms
48ms Stylesheet
text/css 2607:f8b0:400d:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2168f4508dede8adee3a42ec6c0b26d2d8e50409f366eaa0fe0ffe8444f00b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Aug 2024 08:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 08:16:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Aug 2024 08:16:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
102 KB 61ms
61ms Script
application/javascript 173.194.207.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DKL3B451QY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TT3FN4Q

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.207.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

73b79047ef4f3ccf4656e9c4dd3e5bd720da19e134b48d5fe0b2997ba1cc352d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 08:16:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104395
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Aug 2024 08:16:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 116ms
37ms Script
text/javascript 2607:f8b0:400d:c01::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TT3FN4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::8a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Aug 2024 06:46:45 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5400
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 12 Aug 2024 08:46:45 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 93ms
31ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TT3FN4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Aug 2024 08:16:45 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1297, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: z07yicOd4A8MG+2VhSkvdab6JJeZjC3UhzTS7EnWIfzfCjFMIT0FzHfi1WAiTJvAHRRIBWHws78cqbJgORSKQg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11171277238/ 42 B
64 B 42ms
41ms Image
image/gif 173.194.66.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11171277238/?random=1723450605302&cv=11&fst=1723449600000&bg=ffffff&guid=ON&async=1&gtm=45be4880za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rfgroup.com%2F&hn=www.googleadservices.com&frm=0&tiba=RF%20-%20Leading%20Investment%20Firm&npa=0&pscdl=noapi&auid=2044502815.1723450605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfkdybX19W3ftaegCuAHrCazS1Bv3Deg&random=3135921978&rmt_tld=0&ipr=y

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 08:16:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/11171277238/ 42 B
64 B 85ms
42ms Image
image/gif 74.125.192.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/11171277238/?random=1723450605302&cv=11&fst=1723449600000&bg=ffffff&guid=ON&async=1&gtm=45be4880za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rfgroup.com%2F&hn=www.googleadservices.com&frm=0&tiba=RF%20-%20Leading%20Investment%20Firm&npa=0&pscdl=noapi&auid=2044502815.1723450605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfkdybX19W3ftaegCuAHrCazS1Bv3Deg&random=3135921978&rmt_tld=1&ipr=y

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.192.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 08:16:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
48 KB 121ms
38ms Font
font/woff2 2607:f8b0:400d:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rfgroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 02:39:39 GMT
x-content-type-options: nosniff
age: 538626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 02:39:39 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 105ms
39ms Fetch
text/plain 2607:f8b0:4004:c19::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DKL3B451QY&gtm=45je4880v872879905z8832405747za200zb832405747&_p=1723450605253&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=697919626.1723450606&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723450605&sct=1&seg=0&dl=https%3A%2F%2Fwww.rfgroup.com%2F&dt=RF%20-%20Leading%20Investment%20Firm&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1953
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKL3B451QY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 08:16:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rfgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 116ms
37ms Ping
text/plain 2607:f8b0:400d:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DKL3B451QY&cid=697919626.1723450606&gtm=45je4880v872879905z8832405747za200zb832405747&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKL3B451QY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c09::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 08:16:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rfgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 45ms
45ms Image
image/gif 74.125.192.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DKL3B451QY&cid=697919626.1723450606&gtm=45je4880v872879905z8832405747za200zb832405747&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1589791083

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.192.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 08:16:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 38ms
37ms XHR
text/plain 2607:f8b0:400d:c01::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=2124003624&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rfgroup.com%2F&ul=en-ca&de=UTF-8&dt=RF%20-%20Leading%20Investment%20Firm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1277638412&gjid=1809483186&cid=697919626.1723450606&tid=UA-15775414-17&_gid=821645354.1723450606&_r=1&_slc=1&gtm=45He4880n81TT3FN4Qv832405747za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=469302579

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::8a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 08:16:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rfgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1041935306633544 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 113ms
112ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1041935306633544?v=2.9.164&r=stable&domain=www.rfgroup.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3e7a270b64eec03e9628707349e38523ba7eba91ac976ad69b750f4c9922742

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Aug 2024 08:16:45 GMT
document-policy: force-load-at-top
x-fb-server-load: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=65, mss=1297, tbw=64394, tp=-1, tpl=-1, uplat=81, ullat=0
pragma: public
x-fb-debug: oA8FyMzJbRWgJUyRIL/ghqd9VIkcgzTfoBonTAbaWOZGMp2YLLuXrqfsD+J1wEikkxLqUzxA+s3o1U/ST/TIFQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 96ms
31ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1041935306633544&ev=ViewContent&dl=https%3A%2F%2Fwww.rfgroup.com%2F&rl=&if=false&ts=1723450605754&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1723450605750.304250676907730939&cs_est=true&est_source=193942879346383&ler=empty&cdl=API_unavailable&it=1723450605615&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=2880, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Aug 2024 08:16:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
854 B 194ms
129ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1041935306633544&ev=ViewContent&dl=https%3A%2F%2Fwww.rfgroup.com%2F&rl=&if=false&ts=1723450605754&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1723450605750.304250676907730939&cs_est=true&est_source=193942879346383&ler=empty&cdl=API_unavailable&it=1723450605615&coo=false&es=automatic&tm=3&rqm=FGET

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa0cf10faf2a91f85","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["14:5234476983279439","14:4429606930409467","7834:5234476983279439","7834:4429606930409467","564:5234476983279439","564:4429606930409467","10196:5234476983279439","10196:4429606930409467","10853:5234476983279439","10853:4429606930409467","31:5234476983279439","31:4429606930409467","8053:5234476983279439","8053:4429606930409467","617:5234476983279439","617:4429606930409467"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 12 Aug 2024 08:16:45 GMT
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402163985893492289", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=14, mss=1297, tbw=8723, tp=-1, tpl=-1, uplat=100, ullat=0
pragma: no-cache
x-fb-debug: kUU+a4QShlyX5V3UkATKbSMxBwjalZzPf+41uHlSG1Zm82+HbCM44cBPTz8yVeV3cNMAX2//jGe3oLXjPlyjeQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402163985893492289"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=1041935306633544&ev=PageView&dl=https%3A%2F%2Fwww.rfgroup.com%2F&rl=&if=false&ts=1723450605755&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=412...
https://www.facebook.com/tr/?redirect=0&rqm=GET&tm=1&coo=false&it=1723450605615&cdl=API_unavailable&ler=empty&cs_est=true&fbp=fb.1.1723450605750.304250676907730939&o=4126&ec=0&a=tmSimo-GTM-WebTempl...

0
102 B

30ms
30ms

Image
text/plain

2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?redirect=0&rqm=GET&tm=1&coo=false&it=1723450605615&cdl=API_unavailable&ler=empty&cs_est=true&fbp=fb.1.1723450605750.304250676907730939&o=4126&ec=0&a=tmSimo-GTM-WebTemplate&r=stable&v=2.9.164&sh=1200&sw=1600&ts=1723450605755&if=false&rl=&dl=https%3A%2F%2Fwww.rfgroup.com%2F&ev=PageView&id=1041935306633544

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=14, mss=1297, tbw=3903, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Aug 2024 08:16:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=2880, tp=-1, tpl=-1, uplat=1, ullat=0
pragma: no-cache
date: Mon, 12 Aug 2024 08:16:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?redirect=0&rqm=GET&tm=1&coo=false&it=1723450605615&cdl=API_unavailable&ler=empty&cs_est=true&fbp=fb.1.1723450605750.304250676907730939&o=4126&ec=0&a=tmSimo-GTM-WebTemplate&r=stable&v=2.9.164&sh=1200&sw=1600&ts=1723450605755&if=false&rl=&dl=https%3A%2F%2Fwww.rfgroup.com%2F&ev=PageView&id=1041935306633544
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
852 B 196ms
132ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1041935306633544&ev=PageView&dl=https%3A%2F%2Fwww.rfgroup.com%2F&rl=&if=false&ts=1723450605755&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1723450605750.304250676907730939&cs_est=true&ler=empty&cdl=API_unavailable&it=1723450605615&coo=false&tm=1&rqm=FGET

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 12 Aug 2024 08:16:45 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402163984789488392", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=14, mss=1297, tbw=9599, tp=-1, tpl=-1, uplat=102, ullat=0
pragma: no-cache
x-fb-debug: zGxrVFg6sdMH1q8dpTml/tvF8x/RyU2YfNO3FckI7Y6hAv8TLo9o9cP3nKSyzBM2o3v6gE4sSW7jNDTUN6aZ1w==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402163984789488392"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 94ms
30ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1041935306633544&ev=ViewContent&dl=https%3A%2F%2Fwww.rfgroup.com%2F&rl=&if=false&ts=1723450605758&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmgoogletagmanager&ec=3&o=4126&fbp=fb.1.1723450605750.304250676907730939&cs_est=true&est_source=193942879346383&ler=empty&cdl=API_unavailable&it=1723450605615&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=2880, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Aug 2024 08:16:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 192ms
128ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1041935306633544&ev=ViewContent&dl=https%3A%2F%2Fwww.rfgroup.com%2F&rl=&if=false&ts=1723450605758&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmgoogletagmanager&ec=3&o=4126&fbp=fb.1.1723450605750.304250676907730939&cs_est=true&est_source=193942879346383&ler=empty&cdl=API_unavailable&it=1723450605615&coo=false&es=automatic&tm=3&rqm=FGET

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa0cf10faf2a91f85","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["14:5234476983279439","14:4429606930409467","7834:5234476983279439","7834:4429606930409467","564:5234476983279439","564:4429606930409467","10196:5234476983279439","10196:4429606930409467","10853:5234476983279439","10853:4429606930409467","31:5234476983279439","31:4429606930409467","8053:5234476983279439","8053:4429606930409467","617:5234476983279439","617:4429606930409467"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 12 Aug 2024 08:16:45 GMT
x-fb-server-load: 20
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402163985731644900", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=14, mss=1297, tbw=4049, tp=-1, tpl=-1, uplat=97, ullat=0
pragma: no-cache
x-fb-debug: oXCWfjQ6aFI4L3/Ag244YV5edgqZ8mb6w3RXrLLRMkyEF2koUHr0kwsIOMaUXeI+Bw9f//hWbOF5J4vkQBOwLQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402163985731644900"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 31ms
29ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1041935306633544&ev=PageView&dl=https%3A%2F%2Fwww.rfgroup.com%2F&rl=&if=false&ts=1723450605758&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1723450605750.304250676907730939&cs_est=true&ler=empty&cdl=API_unavailable&it=1723450605615&coo=false&rqm=GET

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=14, mss=1297, tbw=3756, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Aug 2024 08:16:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
852 B 98ms
97ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1041935306633544&ev=PageView&dl=https%3A%2F%2Fwww.rfgroup.com%2F&rl=&if=false&ts=1723450605758&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1723450605750.304250676907730939&cs_est=true&ler=empty&cdl=API_unavailable&it=1723450605615&coo=false&rqm=FGET

Requested by

Host: www.rfgroup.com
URL: https://www.rfgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 12 Aug 2024 08:16:45 GMT
document-policy: force-load-at-top
x-fb-server-load: 23
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402163986374413280", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=14, mss=1297, tbw=7849, tp=-1, tpl=-1, uplat=66, ullat=0
pragma: no-cache
x-fb-debug: znZ/tjlckLN6okjpdu8WhyaCIOKTcBkSsz/sD+t8AWZVfT6MC+jwo2nXnZUQmhyK3IeS/lrLNqO06vkH14YZxA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402163986374413280"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 favicon.ico
www.rfgroup.com/Themes/ThemeDefault/images/ 1 KB
978 B 39ms
38ms Other
image/x-icon 2606:4700:20::681a:113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rfgroup.com/Themes/ThemeDefault/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d671aba63acafa3a40951d1bbf235f2bfc0232ea2f6543035d7acd0ac8f240b9

Request headers

Referer: https://www.rfgroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 08:16:46 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 237609
content-length: 578
last-modified: Tue, 19 Mar 2019 01:18:36 GMT
server: cloudflare
etag: "47e-5846848c6b300-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GTIGwPmDdbZ25o2xE3nNCf0fxUbXlBUcfSnJkEPHDM0gIfulv1LrZoUSoMBer7jysReDZPX1CXmhsABAjY1l6vfkTrtZPVnokWXzWsqOA0NeNQJm%2FXQ1wX96uLkv0gzeGaEPpHZ5X%2BKMli3qkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8b1f066f6a16aaa4-YYZ
expires: Sun, 08 Sep 2024 14:16:37 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rfgroup.com/	1970-01-20 22:44:17	Name: atf_csrf_cookie_rfd Value: 0f64ecb0385897baddcaec99647f093b
www.rfgroup.com/	1970-01-20 22:44:17	Name: atf_session Value: 002e031cb4c7d6c9423638ea78f7de537bf13588
www.rfgroup.com/	1969-12-31 23:59:59	Name: LANDINGPAGE Value: YES
.rfgroup.com/	1970-01-21 00:53:46	Name: _gcl_au Value: 1.1.2044502815.1723450605
.doubleclick.net/	1970-01-20 23:27:22	Name: ar_debug Value: 1
.rfgroup.com/	1970-01-21 08:20:10	Name: _ga_DKL3B451QY Value: GS1.1.1723450605.1.0.1723450605.60.0.0
.doubleclick.net/	1970-01-21 08:20:10	Name: IDE Value: AHWqTUlvb6L_WtR7Fs7HXcJIDGaAWyl1hsLMpwcXurMgeoPjvl08Ba3S2u7mmBgJMiw
.doubleclick.net/	1970-01-21 03:03:22	Name: receive-cookie-deprecation Value: 1
.rfgroup.com/	1970-01-21 08:20:10	Name: _ga Value: GA1.2.697919626.1723450606
.rfgroup.com/	1970-01-20 22:45:37	Name: _gid Value: GA1.2.821645354.1723450606
.rfgroup.com/	1970-01-20 22:44:10	Name: _gat_UA-15775414-17 Value: 1
.rfgroup.com/	1970-01-21 00:53:46	Name: _fbp Value: fb.1.1723450605750.304250676907730939
.facebook.com/	1970-01-21 00:53:46	Name: fr Value: 0HMv1VyOMErhLmQll..BmucTt...1.0.BmucTt.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9010127.fls.doubleclick.net
ad.doubleclick.net
ajax.googleapis.com
analytics.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
royalfidelity.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.rfgroup.com
www.royalfidelity.com
173.194.207.148
173.194.207.97
173.194.66.104
209.85.201.148
2606:4700:20::681a:113
2606:4700:3034::ac43:80f5
2607:f8b0:4004:c19::65
2607:f8b0:400d:c01::5e
2607:f8b0:400d:c01::8a
2607:f8b0:400d:c03::5f
2607:f8b0:400d:c07::5f
2607:f8b0:400d:c09::61
2607:f8b0:400d:c09::9d
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
74.125.192.154
74.125.192.94
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2168f4508dede8adee3a42ec6c0b26d2d8e50409f366eaa0fe0ffe8444f00b08
2abe01131aa6af11d24804fa6ce37b10fd3e992368851c89220068e5bead75ef
37d7198f831a9f46f04fd3339cbfa4009dfc3da9deb63d2df7db56020f46d0b7
440cde7d77063b871e78ad95ecde130eda9d61f7879c4e989083c57179d68c14
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
73b79047ef4f3ccf4656e9c4dd3e5bd720da19e134b48d5fe0b2997ba1cc352d
742a0522f0fff39b954f98740c7bd1a740fe8a10547a4f3b4fa7c1aa0f1061a1
8b725fbfb37ef4d59cd30cb2762af709e9b607a7a3de5959ea45487231776409
943010e3a52908879cb6bd75cfb525545a181fc3e3dd78138f25f7e641dca974
96fe3fd5a196f290d4ae36c1c08df7bf2f4d3215bf25a8890f9709955795dcec
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bd7e776f79d243287e7b24e6654e73cb0c12736f68123847fff643895a55e333
cd2141d5f3ae98355a461f2a34832f597353f4dd54cebf2bbc2714ded11d29a4
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d3e7a270b64eec03e9628707349e38523ba7eba91ac976ad69b750f4c9922742
d671aba63acafa3a40951d1bbf235f2bfc0232ea2f6543035d7acd0ac8f240b9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.rfgroup.com Open in urlscan Pro 2606:4700:20::681a:113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

97 %HTTPS

65 %IPv6

11 Domains

17 Subdomains

16 IPs

1 Countries

638 kBTransfer

2111 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rfgroup.com Open in urlscan Pro
2606:4700:20::681a:113 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

97 %
HTTPS

65 %
IPv6

11
Domains

17
Subdomains

16
IPs

1
Countries

638 kB
Transfer

2111 kB
Size

13
Cookies

34 HTTP transactions
0 data transactions