payment.rafigroup.com Open in urlscan Pro
2a02:4780:b:1205:0:2143:495e:2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payment.rafigroup.com/
Submission: On July 17 via automatic, source certstream-suspicious (July 17th 2024, 8:59:53 pm UTC) — Scanned from DE

Summary HTTP 79 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 79 HTTP transactions. The main IP is 2a02:4780:b:1205:0:2143:495e:2, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is payment.rafigroup.com.
TLS certificate: Issued by R11 on July 17th 2024. Valid for: 3 months.

This is the only time payment.rafigroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	2a02:4780:b:1... 2a02:4780:b:1205:0:2143:495e:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:66c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
79	16

52 2a02:4780:b:1205:0:2143:495e:2 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

payment.rafigroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rafigroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:66c (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.metricool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	rafigroup.com payment.rafigroup.com rafigroup.com	1007 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	468 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6716	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	312 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	395 B
1	t.co t.co — Cisco Umbrella Rank: 979	376 B
1	metricool.com tracker.metricool.com — Cisco Umbrella Rank: 36727	658 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	82 KB
79	15

	Domain	Requested by
50	payment.rafigroup.com	payment.rafigroup.com
5	www.googletagmanager.com	payment.rafigroup.com www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	payment.rafigroup.com
2	www.google.de	payment.rafigroup.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	payment.rafigroup.com connect.facebook.net
2	rafigroup.com	payment.rafigroup.com
2	fonts.googleapis.com	payment.rafigroup.com
1	analytics.twitter.com	payment.rafigroup.com
1	t.co	payment.rafigroup.com
1	tracker.metricool.com	payment.rafigroup.com
1	static.ads-twitter.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	code.jquery.com	payment.rafigroup.com
79	16

This site contains links to these domains. Also see Links.

Domain
rafigroup.com
virtualtour.rafigroup.com
online.rafigroup.com
jinnahrafifoundation.com
play.google.com
apps.apple.com
goo.gl
www.connect-sol.com
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
payment.rafigroup.com R11	`2024-07-17` - `2024-10-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
rafigroup.com R10	`2024-07-17` - `2024-10-15`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-26` - `2024-07-25`	3 months	crt.sh
metricool.com GTS CA 1P5	`2024-06-04` - `2024-09-02`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://payment.rafigroup.com/
Frame ID: 1C5608DDF8C03286A594420C0300D959
Requests: 80 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rafi Group Online Payment

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

79
Requests

99 %
HTTPS

80 %
IPv6

15
Domains

16
Subdomains

16
IPs

4
Countries

1736 kB
Transfer

5471 kB
Size

11
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://rafigroup.com/wp-content/uploads/2021/12/Rafi-Reward-Page-09-09.pdf
Title: Rafi Rewards

Search URL Search Domain Scan URL

URL: https://rafigroup.com/customer-feedback
Title: Customer Feedback

Search URL Search Domain Scan URL

URL: https://rafigroup.com/customer-testimonials/
Title: Customer Testimonials

Search URL Search Domain Scan URL

URL: https://virtualtour.rafigroup.com/
Title: Virtual Tour

Search URL Search Domain Scan URL

URL: https://rafigroup.com/dealers-registration
Title: Dealers Registration

Search URL Search Domain Scan URL

URL: https://online.rafigroup.com/Account/CustomerSignup
Title: Online Booking

Search URL Search Domain Scan URL

URL: https://rafigroup.com/

Search URL Search Domain Scan URL

URL: https://rafigroup.com/corporate/
Title: Corporate

Search URL Search Domain Scan URL

URL: https://rafigroup.com/mission-and-vision/
Title: MISSION AND VISION

Search URL Search Domain Scan URL

URL: https://rafigroup.com/why-invest-in-gwadar/
Title: Why invest in Gwadar

Search URL Search Domain Scan URL

URL: https://rafigroup.com/green-palms-gwadar/
Title: Project Details

Search URL Search Domain Scan URL

URL: https://rafigroup.com/gphp-noc-details/
Title: GPHP NOC DETAILS

Search URL Search Domain Scan URL

URL: https://rafigroup.com/green-palms-gwadar-development-images/
Title: Development Images

Search URL Search Domain Scan URL

URL: https://rafigroup.com/green-palms-gwadar-development-video/
Title: Development Videos

Search URL Search Domain Scan URL

URL: https://rafigroup.com/overseas-district/
Title: Overseas District

Search URL Search Domain Scan URL

URL: https://rafigroup.com/green-palms-lahore/
Title: Green Palms Lahore

Search URL Search Domain Scan URL

URL: https://rafigroup.com/delivered-projects/
Title: Delivered Projects

Search URL Search Domain Scan URL

URL: https://jinnahrafifoundation.com/
Title: Jinnah Rafi Foundation

Search URL Search Domain Scan URL

URL: https://rafigroup.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://online.rafigroup.com/Account/CustomerSignup?_gl=1*ogizes*_gcl_au*MTczMjkzNzQ0LjE2OTI2MTg1Mjc.*_ga*NjY1Nzc2NTc2LjE2OTI2MTg1Mjc.*_ga_VF47MLXHCP*MTY5MzI4Mzg2Mi4xOC4xLjE2OTMyODQ0NjguNjAuMC4w&_ga=2.48729315.496617877.1693116512-665776576.1692618527
Title: Online Booking

Search URL Search Domain Scan URL

URL: https://rafigroup.com/blog
Title: Blog

Search URL Search Domain Scan URL

URL: https://rafigroup.com/news-letter
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://rafigroup.com/media-center/
Title: Media Center

Search URL Search Domain Scan URL

URL: https://rafigroup.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=rafigroup.onlineportal

Search URL Search Domain Scan URL

URL: https://apps.apple.com/sa/app/rafi-group/id6446877680

Search URL Search Domain Scan URL

URL: https://rafigroup.com/faqs/
Title: FAQ’s

Search URL Search Domain Scan URL

URL: https://rafigroup.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://rafigroup.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/vmmv9Ecej6aWKPVC9
Title: Empire Center, 9-K, Main Boulevard Gulberg II, Lahore Pakistan.

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/8TG8hhKb3yPPVYvY6
Title: 2nd floor, Redco Plaza, Jinnah Avenue, Blue Area, Islamabad.

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/VNQHLRPhDooLEfRE9
Title: Plot # 14-E, 1st Floor, Street # 26 Tauheed Commercial Area, Phase V, DHA, Karachi Pakistan.

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/1YA5gq3ZpyMn7nvt7
Title: Main Airport Road, Adjacent to Coast Guard Gwadar Pakistan.

Search URL Search Domain Scan URL

URL: https://www.connect-sol.com/
Title: Powered by Connect Solutions

Search URL Search Domain Scan URL

URL: https://twitter.com/Greenpalmspk

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GreenPalmsGwadarPK/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCfFtWKBCLBbYCARLTXvbwCg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/greenpalmshousing/

Search URL Search Domain Scan URL

URL: https://rafigroup.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://rafigroup.com/customer-feedback/
Title: Customer Feedback

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GreenPalmsHousing/
Title: Facebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
payment.rafigroup.com/ 224 KB
60 KB 518ms
208ms Document
text/html 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

6b4f09108e55a4b10b8df25b749ed66d372a7ce91c7beb9b89d5914a3043fa39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 17 Jul 2024 20:59:48 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://payment.rafigroup.com/wp-json/>; rel="https://api.w.org/" <https://payment.rafigroup.com/wp-json/wp/v2/pages/6187>; rel="alternate"; type="application/json" <https://payment.rafigroup.com/>; rel=shortlink
platform: hostinger
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 main.css
payment.rafigroup.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/css/ 2 KB
645 B 280ms
277ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/css/main.css?ver=4.3

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

67101d080092b55300df8f248ce62f05655d7bedce24c3cfa1959ee08ad81bf6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 31 May 2024 06:13:16 GMT
server: LiteSpeed
etag: "60c-66596a7c-62545f8928c7e785;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 506
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 dashicons.min.css
payment.rafigroup.com/wp-includes/css/ 58 KB
34 KB 279ms
278ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-includes/css/dashicons.min.css?ver=6.3.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 15 Sep 2023 07:22:37 GMT
server: LiteSpeed
etag: "e688-6504063d-7a54110f7e86ced0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 35099
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 extra.min.css
payment.rafigroup.com/wp-content/plugins/menu-icons/css/ 815 B
355 B 279ms
278ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.14

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 31 May 2024 06:15:01 GMT
server: LiteSpeed
etag: "32f-66596ae5-eec8e5610d48059;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 271
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 style.min.css
payment.rafigroup.com/wp-includes/css/dist/block-library/ 102 KB
12 KB 280ms
279ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 15 Sep 2023 07:22:37 GMT
server: LiteSpeed
etag: "19824-6504063d-beec0b80ab10fa21;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 12669
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 style.min.css
payment.rafigroup.com/wp-content/plugins/float-menu/public/assets/css/ 10 KB
2 KB 280ms
279ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/float-menu/public/assets/css/style.min.css?ver=6.0.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0825523d245d840358bb742b169bd651e496fe56443a0bae4eef680816bd55d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 31 May 2024 06:13:20 GMT
server: LiteSpeed
etag: "262f-66596a80-94f38bd73eeeb91b;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 2007
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 all.min.css
payment.rafigroup.com/wp-content/plugins/float-menu//vendors/fontawesome/css/ 100 KB
21 KB 282ms
281ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/float-menu//vendors/fontawesome/css/all.min.css?ver=6.5.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 31 May 2024 06:13:20 GMT
server: LiteSpeed
etag: "190f1-66596a80-2f46a9653f09d5df;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 21702
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 style.css
payment.rafigroup.com/wp-content/plugins/salient-social/css/ 19 KB
3 KB 281ms
280ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/salient-social/css/style.css?ver=1.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3cb89230f6f93e48595a2876e5678e4c5d6d2a50c96f7ac8500c52bb9eadccaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "4b17-614e3e2c-9c9c779f9f42b85d;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 2927
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 font-awesome.min.css
payment.rafigroup.com/wp-content/themes/salient/css/ 51 KB
9 KB 281ms
280ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f8214d5a3bfa62a210a1173a5baf9d9e2eb3da26f6333a058109ee5018617674

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "ccc9-614e3e2c-e4c955b3a43ba6f5;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 9608
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 grid-system.css
payment.rafigroup.com/wp-content/themes/salient/css/ 69 KB
6 KB 281ms
280ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/grid-system.css?ver=12.1.2

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2c1957013a03513b971a71270fc8ed505ee37fdcd49bbc599ca23e107f18982d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "1146b-614e3e2c-d396aa155322afdf;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 5594
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 style.css
payment.rafigroup.com/wp-content/themes/salient/css/ 579 KB
78 KB 422ms
421ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/style.css?ver=12.1.2

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

70555e9024a96098500219b2db26bd10edacfac77e24325cf0e59c3c65167a33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "90aed-614e3e2c-79dc885ed0dcccfe;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 79764
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 header-secondary-nav.css
payment.rafigroup.com/wp-content/themes/salient/css/header/ 9 KB
2 KB 423ms
422ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/header/header-secondary-nav.css?ver=12.1.2

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b16815e52ca39af52167af7058edbeb7cae8d012d6ccfc9232629925b33efb32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "232f-614e3e2c-7361ad8533cfd9b1;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 1557
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 magnific.css
payment.rafigroup.com/wp-content/themes/salient/css/plugins/ 11 KB
2 KB 423ms
422ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/plugins/magnific.css?ver=8.6.0

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c3c0a7bc226e2b64dea9c09b64ce42656fad59ccecb482205765bba37afa292a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "2ac9-614e3e2c-a8026fb8495514a4;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 2275
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 responsive.css
payment.rafigroup.com/wp-content/themes/salient/css/ 114 KB
14 KB 423ms
422ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/responsive.css?ver=12.1.2

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

360b4245140d84ea715eae349aba2fe71cf340b1bda9a07cced6e34a297b3892

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "1c957-614e3e2c-36d324878e6af245;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 14415
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 select2.css
payment.rafigroup.com/wp-content/themes/salient/css/plugins/ 10 KB
2 KB 423ms
423ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/plugins/select2.css?ver=6.2

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b550332dc744e5b9947e3cc052f75b0ccc2596e02184641eaf64c3167bf7389b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "290b-614e3e2c-c1bcdaad885d8dc2;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 1986
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 skin-material.css
payment.rafigroup.com/wp-content/themes/salient/css/ 106 KB
14 KB 424ms
423ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/skin-material.css?ver=12.1.2

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0416f2e4b31e816413eb933fac9f4c62623a6b1aebf524256775b2da5b77ac19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "1a720-614e3e2c-2b2533a6b83642e3;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 14125
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
BLOB 200
OK ca0161ff-99de-41b2-8a95-0fa341a4b49b
https://payment.rafigroup.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://payment.rafigroup.com/ca0161ff-99de-41b2-8a95-0fa341a4b49b
Requested by: Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 js_composer.min.css
payment.rafigroup.com/wp-content/plugins/js_composer_salient/assets/css/ 109 KB
12 KB 397ms
396ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=6.2.0

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

198209611aa67382f0ba7bb0759c9b2a8a8560ca5f1a60dc2dda0763c3b1e4c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 29 Aug 2023 05:27:04 GMT
server: LiteSpeed
etag: "1b398-64ed81a8-aa52fb37a2448cbe;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 12445
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 animate.min.css
payment.rafigroup.com/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/ 51 KB
3 KB 397ms
396ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/animate.min.css?ver=6.2.0

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1c3fbf3f4938451bc3b7781f832b7da84c23eec5b979ac7541ec754e67e3b6d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 29 Aug 2023 05:27:03 GMT
server: LiteSpeed
etag: "caa8-64ed81a7-2f4133a2e3675ee2;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 3377
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 pum-site-styles.css
payment.rafigroup.com/wp-content/uploads/pum/ 17 KB
3 KB 397ms
396ms Stylesheet
text/css 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/uploads/pum/pum-site-styles.css?generated=1717137253&ver=1.19.0

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cb649c7da47d332ab8de12c010fcb2173f8ebf4697305b6cc8026195421b5092

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 31 May 2024 06:34:13 GMT
server: LiteSpeed
etag: "4505-66596f65-bd9a187352f2ac76;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 3108
expires: Fri, 16 Aug 2024 20:59:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 807 B
813 B 53ms
28ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400italic&ver=1707802211

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a9a47183fa8dfa254cf04f36eec8bfaa5a4c6c93de5e0a556516ce3cbeb5a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jul 2024 20:52:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jul 2024 20:59:48 GMT

GET
H2 200 jquery.min.js Show response
payment.rafigroup.com/wp-includes/js/jquery/ 85 KB
29 KB 398ms
397ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 15 Sep 2023 07:22:37 GMT
server: LiteSpeed
etag: "155ba-6504063d-fa5ff30ee2fcbc08;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 29502
expires: Wed, 24 Jul 2024 20:59:48 GMT

GET
H2 200 jquery-migrate.min.js Show response
payment.rafigroup.com/wp-includes/js/jquery/ 13 KB
5 KB 397ms
397ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 15 Sep 2023 07:22:37 GMT
server: LiteSpeed
etag: "3509-6504063d-6c549829a72f229f;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4671
expires: Wed, 24 Jul 2024 20:59:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 106ms
34ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-116486500-1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbf6ef096329ed2fd24e4678a877803164fe8c48af838004a72b1e019970b6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76354
x-xss-protection: 0
last-modified: Wed, 17 Jul 2024 18:36:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jul 2024 20:59:49 GMT

GET
H3 200 Logo-Transparent.png
payment.rafigroup.com/wp-content/uploads/2020/10/ 6 KB
6 KB 148ms
148ms Image
image/png 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payment.rafigroup.com/wp-content/uploads/2020/10/Logo-Transparent.png

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e3ce4bd1e2040072a531451de7af550b7e55fdc4fd5a24a31d6a95f42f9b1e4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 10:07:57 GMT
server: LiteSpeed
etag: "1797-614da37d-947f29cfa865106a;;;"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6039
expires: Thu, 17 Jul 2025 20:59:48 GMT

GET
H3 200 jquery.js Show response
payment.rafigroup.com/wp-includes/js/jquery/ 278 KB
78 KB 154ms
154ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-includes/js/jquery/jquery.js?ver=1.11.3

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1771fb9faa52eee780bcfbb6218fa4bd2e61cd3a1b00547a0bc546afac340094

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 15 Sep 2023 07:22:37 GMT
server: LiteSpeed
etag: "45958-6504063d-65fbfd3a7fb8748;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 79733
expires: Wed, 24 Jul 2024 20:59:48 GMT

GET
H2 200 jquery-1.11.0.js Show response
code.jquery.com/ 276 KB
82 KB 29ms
6ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.js
Requested by: Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ce0343e1d6f489768eeefe022c12181c6a0822e756239851310acf076d23d10c

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1331428
x-cache: HIT, HIT
content-length: 83550
x-served-by: cache-lga21937-LGA, cache-fra-etou8220129-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1721249989.832789,VS0,VE0
etag: W/"28feccc0-45140"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 116

GET
H3 200 app.js Show response
payment.rafigroup.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/ 9 KB
3 KB 146ms
146ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=4.3

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

fa8bacee748f47358fc778aecee9ada1d56593f1275c9d05c62d67ee0318c6ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 31 May 2024 06:13:16 GMT
server: LiteSpeed
etag: "22d9-66596a7c-f593f1d79d0af983;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2740
expires: Wed, 24 Jul 2024 20:59:48 GMT

GET
H3 200 floatMenu.min.js Show response
payment.rafigroup.com/wp-content/plugins/float-menu/public/assets/js/ 17 KB
5 KB 144ms
143ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/float-menu/public/assets/js/floatMenu.min.js?ver=6.0.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

766ad58da0cb9aea71a8c3d881835e12e7511bbd1fcc6dea613f7233e6651f85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 31 May 2024 06:13:20 GMT
server: LiteSpeed
etag: "442e-66596a80-c1a93d1a2c8c9ec0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4914
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 velocity.min.js Show response
payment.rafigroup.com/wp-content/plugins/float-menu/public/assets/js/ 44 KB
15 KB 151ms
150ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/float-menu/public/assets/js/velocity.min.js?ver=6.0.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

fc878d154f60d539e3f6938aab78c6808536fe488a4beb7543ba70ca6ee6a680

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 31 May 2024 06:13:20 GMT
server: LiteSpeed
etag: "aef7-66596a80-225700a7b817c1fb;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 15525
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 salient-social.js Show response
payment.rafigroup.com/wp-content/plugins/salient-social/js/ 11 KB
2 KB 182ms
180ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/salient-social/js/salient-social.js?ver=1.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

42b8fc6ce4cc6ff19e274ff39b9c52897f46ddadf046ea63089d064004382947

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "2a2c-614e3e2c-d704aef62c71e089;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1919
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 jquery.easing.js Show response
payment.rafigroup.com/wp-content/themes/salient/js/third-party/ 6 KB
2 KB 182ms
180ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

87cf46420f28b91d2ffcbca2ec817b93c99b5d43c9366b08d5f4c6f6fbb635c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "19c9-614e3e2c-aa051bd6a3f5c145;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1841
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 jquery.mousewheel.js Show response
payment.rafigroup.com/wp-content/themes/salient/js/third-party/ 3 KB
1 KB 183ms
181ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

956e41167b70caf9f21f5a4f435fa8aefed819777d00608b60399a6ad51b16c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "ad9-614e3e2c-f662544f9d0e6ea3;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1133
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 priority.js Show response
payment.rafigroup.com/wp-content/themes/salient/js/ 7 KB
2 KB 182ms
180ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/js/priority.js?ver=12.1.2

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

59a3b2cb204dc1b6108c9608e54ed72fbe51be18688023c9560801366a09e900

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "1dad-614e3e2c-ac51c0d16b726911;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1727
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 transit.js Show response
payment.rafigroup.com/wp-content/themes/salient/js/third-party/ 7 KB
3 KB 182ms
180ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

aa177ef15fc557a7778d92a1aa910b9ded10d3b8400eea9ccb08c0f19d0fde8c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "1cff-614e3e2c-98db0ae18d444acf;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2570
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 waypoints.js Show response
payment.rafigroup.com/wp-content/themes/salient/js/third-party/ 18 KB
3 KB 182ms
181ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

04188b0cf2772d0097ee6ea6abe0feba436b3c8aa667568dc8dabc97bf4332a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "4888-614e3e2c-e3a41d305f2a9728;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3486
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 imagesLoaded.min.js Show response
payment.rafigroup.com/wp-content/themes/salient/js/third-party/ 5 KB
2 KB 182ms
181ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/js/third-party/imagesLoaded.min.js?ver=4.1.4

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "15e0-614e3e2c-a3a246e8b7a66173;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1704
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 hoverintent.js Show response
payment.rafigroup.com/wp-content/themes/salient/js/third-party/ 2 KB
944 B 183ms
181ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2f9627512fca0229865430f588e22896916969f33cf92f51a0793028a1a45f7c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "8ce-614e3e2c-ad5ae48e23844f64;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 892
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 magnific.js Show response
payment.rafigroup.com/wp-content/themes/salient/js/third-party/ 47 KB
13 KB 183ms
181ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/js/third-party/magnific.js?ver=7.0.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

773d12971ed2348e780482568fae18c567b891f356bd01ee1fb7adad7b800900

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "bdd0-614e3e2c-3efb495c7d14324f;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 13522
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 superfish.js Show response
payment.rafigroup.com/wp-content/themes/salient/js/third-party/ 9 KB
3 KB 195ms
193ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

66f7412f7462e317d894dd4a942290b87ec249151a2648aa6caeb8bab1735d42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "24fe-614e3e2c-16865ebdf4c92472;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2743
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 init.js Show response
payment.rafigroup.com/wp-content/themes/salient/js/ 531 KB
92 KB 199ms
197ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/js/init.js?ver=12.1.2

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9ef66d95c454cf8d600a7f2f2be3c6fa618c61ea23bbe27e56df0286452558a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "84a69-614e3e2c-8bd82d9f9fa36500;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 94344
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 touchswipe.min.js Show response
payment.rafigroup.com/wp-content/plugins/salient-core/js/third-party/ 9 KB
3 KB 492ms
491ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a23757ebb210c2d1c0455713594401d07ef51a74dcd3f7b5cd4a0ed2d8ecf1e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "24a0-614e3e2c-3686717584cedcf5;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3141
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 select2.min.js Show response
payment.rafigroup.com/wp-content/themes/salient/js/third-party/ 65 KB
17 KB 493ms
492ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/js/third-party/select2.min.js?ver=3.5.2

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1e38fc406a9878a9c42e613c7104f4636fe822452f3d3733f39f0af703452557

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "103da-614e3e2c-816b9556df331003;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 17537
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 js_composer_front.min.js Show response
payment.rafigroup.com/wp-content/plugins/js_composer_salient/assets/js/dist/ 29 KB
6 KB 502ms
501ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=6.2.0

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

91a1b69f5547f742099a5923d2d2483a49501f112a07f1d85dc6a8c6ff71978e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 29 Aug 2023 05:27:04 GMT
server: LiteSpeed
etag: "7210-64ed81a8-b7a7fde80d7b28de;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 6058
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 core.min.js Show response
payment.rafigroup.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 505ms
504ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 15 Sep 2023 07:22:37 GMT
server: LiteSpeed
etag: "53be-6504063d-fa3501adb13c964;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 6774
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 pum-site-scripts.js Show response
payment.rafigroup.com/wp-content/uploads/pum/ 69 KB
16 KB 507ms
506ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1717137253&ver=1.19.0

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0681e4ee562398c075dedfb2b4afe76ce8206fc2ae8745f2b1076f62d3d13be7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 31 May 2024 06:34:13 GMT
server: LiteSpeed
etag: "1155c-66596f65-a278845f69df24e5;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 16601
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
632 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/wp-content/uploads/pum/pum-site-styles.css?generated=1717137253&ver=1.19.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c55bb187432531f48be10df58477eb1ab34d4ec4b7aecfb4c179845a5227fcd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jul 2024 20:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jul 2024 19:03:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jul 2024 20:59:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 290 KB
101 KB 97ms
25ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWXM3DQ

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa42350883916552a978a023d89f57e422f83aa0d468f13d75cc5a4c874f0a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102988
x-xss-protection: 0
last-modified: Wed, 17 Jul 2024 18:36:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jul 2024 20:59:49 GMT

GET
H3 200 Ripple-1.3s-224px.gif
payment.rafigroup.com/wp-content/uploads/2020/10/ 92 KB
92 KB 457ms
456ms Image
image/gif 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payment.rafigroup.com/wp-content/uploads/2020/10/Ripple-1.3s-224px.gif

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3d6bc8a2b8a96fe983b0a4bc5a9c8abc34048f53cfc5d650b642e2f3b05bcd77

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 10:07:57 GMT
server: LiteSpeed
etag: "16ea9-614da37d-17ce6a77fda87b79;;;"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
platform: hostinger
content-length: 93865
expires: Thu, 17 Jul 2025 20:59:49 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

Referer
Origin: https://payment.rafigroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 OpenSans-Regular.woff
payment.rafigroup.com/wp-content/themes/salient/css/fonts/ 54 KB
54 KB 231ms
231ms Font
application/font-woff 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/fonts/OpenSans-Regular.woff

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2770b375eb18d7a74fbbd60a0f9a14214857770f35dac85ce9c5daf9353faf97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
Origin: https://payment.rafigroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "d7e4-614e3e2c-54eb13f946427560;;;"
content-type: application/font-woff
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 55268
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 fontawesome-webfont.woff
payment.rafigroup.com/wp-content/themes/salient/css/fonts/ 96 KB
96 KB 311ms
310ms Font
application/font-woff 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
Origin: https://payment.rafigroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "17ee8-614e3e2c-859431cb2e5e4da0;;;"
content-type: application/font-woff
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 98024
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 OpenSans-Bold.woff
payment.rafigroup.com/wp-content/themes/salient/css/fonts/ 57 KB
57 KB 394ms
393ms Font
application/font-woff 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/fonts/OpenSans-Bold.woff

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

37d8bced2c9ce5998a53e111927c75b7bffb235ee5769db693ddb9d80eb1b0e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
Origin: https://payment.rafigroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "e234-614e3e2c-c18980e4f0904282;;;"
content-type: application/font-woff
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 57908
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 OpenSans-SemiBold.woff
payment.rafigroup.com/wp-content/themes/salient/css/fonts/ 56 KB
56 KB 418ms
417ms Font
application/font-woff 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/themes/salient/css/fonts/OpenSans-SemiBold.woff

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9aedda6dc1f4b694308bdb972962044ab0c1f2a3929dead40c3f208168d98f5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
Origin: https://payment.rafigroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 21:07:56 GMT
server: LiteSpeed
etag: "e120-614e3e2c-735ec13e1bb37027;;;"
content-type: application/font-woff
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 57632
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H2 200 kmKhZrc3Hgbbcjq75U4uslyuy4kn0qNcWxEQDA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 30 KB
31 KB 58ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKhZrc3Hgbbcjq75U4uslyuy4kn0qNcWxEQDA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400italic&ver=1707802211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d809e5e194d9762855a81f8e4002da916b66a81ddc4b3fbdaf770ce4aa0fb560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payment.rafigroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:11:15 GMT
x-content-type-options: nosniff
age: 150514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30696
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:09:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 03:11:15 GMT

GET
H3 200 Vid-BG.jpg
payment.rafigroup.com/wp-content/uploads/2020/10/ 38 KB
38 KB 482ms
481ms Image
image/jpeg 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payment.rafigroup.com/wp-content/uploads/2020/10/Vid-BG.jpg

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1058eaaddf26b402509e7d29d2860e79891dbce313fd9de14b1451a9e4aaba03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 10:07:57 GMT
server: LiteSpeed
etag: "97a4-614da37d-5639a94d514dcac7;;;"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
platform: hostinger
content-length: 38820
expires: Thu, 17 Jul 2025 20:59:49 GMT

GET
H2 200 google-logo-2.png
rafigroup.com/wp-content/uploads/2023/10/ 7 KB
7 KB 463ms
144ms Image
image/png 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rafigroup.com/wp-content/uploads/2023/10/google-logo-2.png

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

10cc38c103b630e2506eeb2cffbefd571d7602a5d262da4e04648355c2a894d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 09:57:53 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6667
expires: Thu, 14 Nov 2024 20:59:49 GMT

GET
H2 200 google-logo.png
rafigroup.com/wp-content/uploads/2023/10/ 7 KB
7 KB 463ms
145ms Image
image/png 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rafigroup.com/wp-content/uploads/2023/10/google-logo.png

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b9c484fa2266ba48fb4d5b3f8d9c832ae2b6f5af6e20fc07de5b81d5e4de61f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 09:57:53 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7203
expires: Thu, 14 Nov 2024 20:59:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
103 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VF47MLXHCP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWXM3DQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6cb433fe2da54caee13fdb39736e163b8c3298bd8614ef59ff7eaa6a6272795c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104974
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Jul 2024 20:59:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWXM3DQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 Jul 2024 20:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1842
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 17 Jul 2024 22:29:07 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 34ms
7ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWXM3DQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220108-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 29ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1e56a128f0a2db19bd6c3581fb0a7a4ec91197dbbdf349b61f82933550a574d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 Jul 2024 20:59:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: ToK5wmkl2tGpox55lMTAJYODaefCPo6mOsDMzZJ9yqjZ7DRw2us0d+dLkpltapWF44i4loD6Z/bT76SChj0XTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-116486500-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWXM3DQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b13b08a6789f3cb11344aa056d41e703de93a5554e74586f889805cef80a185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76300
x-xss-protection: 0
last-modified: Wed, 17 Jul 2024 18:36:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jul 2024 20:59:49 GMT

GET
H3 200 c3po.jpg
tracker.metricool.com/ 70 B
658 B 86ms
54ms Image
image/png 2606:4700:20::681a:66c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.metricool.com/c3po.jpg?hash=30e485c60c9dd90a8fa3d744ac831f08

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:66c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.metricool.com https://ads.tiktok.com
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jul 2024 20:59:49 GMT
content-security-policy: frame-ancestors https://*.metricool.com https://ads.tiktok.com
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2Frq%2BSHvo4a7rBpxe6xqgTq0cyvtNErfujzxLMACZbUb7kh664qdeKGLusZ6i4jb3aNFqiu821j0ng1yDIBknwqoyaF84J4Fei6CZdEbqBuNUvy4Odk8XgEUYaR0tRj1eg9jdvfk%2BUWTjxJEV%2F32bEZGaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8a4d28704bf866bd-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 357 KB
115 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7BPMPELXSB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-116486500-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b30c648898615efd61268d030e2ab71cf557b57d0532e80173f56b776c3b27a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 118064
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Jul 2024 20:59:49 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 148ms
120ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=396be86b-33d2-4a2d-aa29-27f7f77a6b8f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bc7b3ecd-70b4-4412-9c37-f94a2841ade3&tw_document_href=https%3A%2F%2Fpayment.rafigroup.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1xpj&type=javascript&version=2.3.30

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 109
date: Wed, 17 Jul 2024 20:59:48 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 82357d0d0d6e1d7d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 1eb613dd1f8aa3e7cdb477bf1a31edd91423caf143d9f65e14690905092fe9a2
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 218ms
196ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=396be86b-33d2-4a2d-aa29-27f7f77a6b8f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bc7b3ecd-70b4-4412-9c37-f94a2841ade3&tw_document_href=https%3A%2F%2Fpayment.rafigroup.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1xpj&type=javascript&version=2.3.30

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 189
date: Wed, 17 Jul 2024 20:59:48 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0cd0ebf86a34d346
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 6c08dd39f2724206d1a8488d0cfd753df98de048b00c1c28d7073a10108160db
content-length: 43

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 15ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1412334528&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.rafigroup.com%2F&ul=de-de&de=UTF-8&dt=Rafi%20Group%20Online%20Payment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1584100617&gjid=778895944&cid=876256074.1721249989&tid=UA-140666643-1&_gid=4581212.1721249989&_r=1&_slc=1&gtm=45He47f0n81PWXM3DQv812004550za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=587774474

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Jul 2024 20:59:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.rafigroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1412334528&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.rafigroup.com%2F&ul=de-de&de=UTF-8&dt=Rafi%20Group%20Online%20Payment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1895763514&gjid=2091036195&cid=876256074.1721249989&tid=UA-116486500-1&_gid=4581212.1721249989&_r=1&gtm=457e47f0za200zb812004550&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1715824585

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Jul 2024 20:59:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.rafigroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 373360243288735 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 252ms
251ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/373360243288735?v=2.9.161&r=stable&domain=payment.rafigroup.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8c94b4a81eb52db97be1b7db46704e238477e5d91ddf65a99807ea046695a706

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 Jul 2024 20:59:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=64, mss=1328, tbw=64210, tp=-1, tpl=-1, uplat=244, ullat=0
pragma: public
x-fb-debug: c1JvAYWrCn0sGEUZpHyJ8W+BOw8LFnQqlZnaliZClJDLbSgmgGPKJb3IO8FGXfWeaGTlUsF6KbRoQa9RFmPJ/A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 35ms
13ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VF47MLXHCP&gtm=45je47f0v879418977z8812004550za200zb812004550&_p=1721249988985&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=876256074.1721249989&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721249989&sct=1&seg=0&dl=https%3A%2F%2Fpayment.rafigroup.com%2F&dt=Rafi%20Group%20Online%20Payment&en=page_view&_fv=1&_ss=1&tfd=1377&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VF47MLXHCP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jul 2024 20:59:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.rafigroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 52ms
18ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VF47MLXHCP&cid=876256074.1721249989&gtm=45je47f0v879418977z8812004550za200zb812004550&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VF47MLXHCP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jul 2024 20:59:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.rafigroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
32ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VF47MLXHCP&cid=876256074.1721249989&gtm=45je47f0v879418977z8812004550za200zb812004550&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=535718660

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jul 2024 20:59:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 15ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7BPMPELXSB&gtm=45je47h0h2v9103506754za200&_p=1721249988985&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=876256074.1721249989&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1721249989&sct=1&seg=0&dl=https%3A%2F%2Fpayment.rafigroup.com%2F&dt=Rafi%20Group%20Online%20Payment&en=page_view&_fv=1&_ss=1&tfd=1414&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BPMPELXSB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jul 2024 20:59:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.rafigroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 17ms
17ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7BPMPELXSB&cid=876256074.1721249989&gtm=45je47h0h2v9103506754za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BPMPELXSB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jul 2024 20:59:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.rafigroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7BPMPELXSB&cid=876256074.1721249989&gtm=45je47h0h2v9103506754za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=864252408

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jul 2024 20:59:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 22ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=373360243288735&ev=PageView&dl=https%3A%2F%2Fpayment.rafigroup.com%2F&rl=&if=false&ts=1721249989468&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1721249989467.8114053130223&cs_est=true&ler=empty&cdl=API_unavailable&it=1721249989202&coo=false&rqm=GET

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 17 Jul 2024 20:59:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 175ms
160ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=373360243288735&ev=PageView&dl=https%3A%2F%2Fpayment.rafigroup.com%2F&rl=&if=false&ts=1721249989468&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1721249989467.8114053130223&cs_est=true&ler=empty&cdl=API_unavailable&it=1721249989202&coo=false&rqm=FGET

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x95364d4eca49042a","source_keys":["1","2"]},{"key_piece":"0x7ac4ff263733c433","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 17 Jul 2024 20:59:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7392712411938394260", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3101, tp=-1, tpl=-1, uplat=152, ullat=0
pragma: no-cache
x-fb-debug: bcFEE7MxuplRbGYqVKO/drDxLIvcNXh/zVtlA6dRuxRQSiUqOnL2bqKhnhghBz+0bkdJ3uZ6H6Kn13DNBnRFig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7392712411938394260"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
payment.rafigroup.com/wp-includes/js/ 18 KB
5 KB 144ms
144ms Script
application/x-javascript 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1

Requested by

Host: payment.rafigroup.com
URL: https://payment.rafigroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 15 Sep 2023 07:22:37 GMT
server: LiteSpeed
etag: "4904-6504063d-314b3151ed3f9bf;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4605
expires: Wed, 24 Jul 2024 20:59:49 GMT

GET
H3 200 FavIcon-150x150-1-100x100.png
payment.rafigroup.com/wp-content/uploads/2020/10/ 3 KB
3 KB 144ms
143ms Other
image/png 2a02:4780:b:1205:0:2143:495e:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.rafigroup.com/wp-content/uploads/2020/10/FavIcon-150x150-1-100x100.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:1205:0:2143:495e:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e6c6427b49cd29fbe5e257ee9755aff8f8b7e9baf4a400fca7c34c0aad24d9d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://payment.rafigroup.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 20:59:49 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Sep 2021 10:07:57 GMT
server: LiteSpeed
etag: "bff-614da37d-f4ad04f916ad1532;;;"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
platform: hostinger
content-length: 3071
expires: Thu, 17 Jul 2025 20:59:49 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.rafigroup.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bc4ba0aa7f640ddad657a7d7d2dbb5eb
.rafigroup.com/	1970-01-21 00:17:05	Name: _gcl_au Value: 1.1.1602512880.1721249989
.rafigroup.com/	1970-01-20 22:08:56	Name: _gid Value: GA1.2.4581212.1721249989
.rafigroup.com/	1970-01-20 22:07:30	Name: _gat_UA-140666643-1 Value: 1
.rafigroup.com/	1970-01-20 22:07:30	Name: _gat_gtag_UA_116486500_1 Value: 1
.rafigroup.com/	1970-01-21 07:43:29	Name: _ga_VF47MLXHCP Value: GS1.1.1721249989.1.0.1721249989.60.0.0
.rafigroup.com/	1970-01-21 07:43:29	Name: _ga Value: GA1.1.876256074.1721249989
.rafigroup.com/	1970-01-21 07:43:29	Name: _ga_7BPMPELXSB Value: GS1.1.1721249989.1.0.1721249989.60.0.0
.t.co/	1970-01-21 07:43:29	Name: muc_ads Value: 1ddeb4bf-751e-4801-af9f-f25bf0f00e94
.twitter.com/	1970-01-21 07:43:29	Name: personalization_id Value: "v1_mSkEoKt7yK2m+/E1fIQIvw=="
.rafigroup.com/	1970-01-21 00:17:05	Name: _fbp Value: fb.1.1721249989467.8114053130223

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
payment.rafigroup.com
rafigroup.com
region1.analytics.google.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tracker.metricool.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
104.244.42.3
146.75.120.157
2001:4860:4802:32::36
2606:4700:20::681a:66c
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a02:4780:b:1205:0:2143:495e:2
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::649
93.184.221.165
0416f2e4b31e816413eb933fac9f4c62623a6b1aebf524256775b2da5b77ac19
04188b0cf2772d0097ee6ea6abe0feba436b3c8aa667568dc8dabc97bf4332a6
0681e4ee562398c075dedfb2b4afe76ce8206fc2ae8745f2b1076f62d3d13be7
0825523d245d840358bb742b169bd651e496fe56443a0bae4eef680816bd55d4
0b13b08a6789f3cb11344aa056d41e703de93a5554e74586f889805cef80a185
1058eaaddf26b402509e7d29d2860e79891dbce313fd9de14b1451a9e4aaba03
10cc38c103b630e2506eeb2cffbefd571d7602a5d262da4e04648355c2a894d1
1771fb9faa52eee780bcfbb6218fa4bd2e61cd3a1b00547a0bc546afac340094
198209611aa67382f0ba7bb0759c9b2a8a8560ca5f1a60dc2dda0763c3b1e4c2
1a9a47183fa8dfa254cf04f36eec8bfaa5a4c6c93de5e0a556516ce3cbeb5a70
1c3fbf3f4938451bc3b7781f832b7da84c23eec5b979ac7541ec754e67e3b6d2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e38fc406a9878a9c42e613c7104f4636fe822452f3d3733f39f0af703452557
2770b375eb18d7a74fbbd60a0f9a14214857770f35dac85ce9c5daf9353faf97
2c1957013a03513b971a71270fc8ed505ee37fdcd49bbc599ca23e107f18982d
2f9627512fca0229865430f588e22896916969f33cf92f51a0793028a1a45f7c
360b4245140d84ea715eae349aba2fe71cf340b1bda9a07cced6e34a297b3892
37d8bced2c9ce5998a53e111927c75b7bffb235ee5769db693ddb9d80eb1b0e2
3cb89230f6f93e48595a2876e5678e4c5d6d2a50c96f7ac8500c52bb9eadccaa
3d6bc8a2b8a96fe983b0a4bc5a9c8abc34048f53cfc5d650b642e2f3b05bcd77
42b8fc6ce4cc6ff19e274ff39b9c52897f46ddadf046ea63089d064004382947
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
59a3b2cb204dc1b6108c9608e54ed72fbe51be18688023c9560801366a09e900
5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
66f7412f7462e317d894dd4a942290b87ec249151a2648aa6caeb8bab1735d42
67101d080092b55300df8f248ce62f05655d7bedce24c3cfa1959ee08ad81bf6
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6b4f09108e55a4b10b8df25b749ed66d372a7ce91c7beb9b89d5914a3043fa39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb433fe2da54caee13fdb39736e163b8c3298bd8614ef59ff7eaa6a6272795c
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
70555e9024a96098500219b2db26bd10edacfac77e24325cf0e59c3c65167a33
766ad58da0cb9aea71a8c3d881835e12e7511bbd1fcc6dea613f7233e6651f85
773d12971ed2348e780482568fae18c567b891f356bd01ee1fb7adad7b800900
87cf46420f28b91d2ffcbca2ec817b93c99b5d43c9366b08d5f4c6f6fbb635c1
8c94b4a81eb52db97be1b7db46704e238477e5d91ddf65a99807ea046695a706
91a1b69f5547f742099a5923d2d2483a49501f112a07f1d85dc6a8c6ff71978e
956e41167b70caf9f21f5a4f435fa8aefed819777d00608b60399a6ad51b16c2
968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f
9aedda6dc1f4b694308bdb972962044ab0c1f2a3929dead40c3f208168d98f5a
9ef66d95c454cf8d600a7f2f2be3c6fa618c61ea23bbe27e56df0286452558a5
a1e56a128f0a2db19bd6c3581fb0a7a4ec91197dbbdf349b61f82933550a574d
a23757ebb210c2d1c0455713594401d07ef51a74dcd3f7b5cd4a0ed2d8ecf1e0
aa177ef15fc557a7778d92a1aa910b9ded10d3b8400eea9ccb08c0f19d0fde8c
aa42350883916552a978a023d89f57e422f83aa0d468f13d75cc5a4c874f0a17
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b16815e52ca39af52167af7058edbeb7cae8d012d6ccfc9232629925b33efb32
b30c648898615efd61268d030e2ab71cf557b57d0532e80173f56b776c3b27a5
b550332dc744e5b9947e3cc052f75b0ccc2596e02184641eaf64c3167bf7389b
b9c484fa2266ba48fb4d5b3f8d9c832ae2b6f5af6e20fc07de5b81d5e4de61f2
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c3c0a7bc226e2b64dea9c09b64ce42656fad59ccecb482205765bba37afa292a
c55bb187432531f48be10df58477eb1ab34d4ec4b7aecfb4c179845a5227fcd2
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb649c7da47d332ab8de12c010fcb2173f8ebf4697305b6cc8026195421b5092
cbf6ef096329ed2fd24e4678a877803164fe8c48af838004a72b1e019970b6ea
ce0343e1d6f489768eeefe022c12181c6a0822e756239851310acf076d23d10c
d809e5e194d9762855a81f8e4002da916b66a81ddc4b3fbdaf770ce4aa0fb560
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ce4bd1e2040072a531451de7af550b7e55fdc4fd5a24a31d6a95f42f9b1e4e
e6c6427b49cd29fbe5e257ee9755aff8f8b7e9baf4a400fca7c34c0aad24d9d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f8214d5a3bfa62a210a1173a5baf9d9e2eb3da26f6333a058109ee5018617674
fa8bacee748f47358fc778aecee9ada1d56593f1275c9d05c62d67ee0318c6ec
fc878d154f60d539e3f6938aab78c6808536fe488a4beb7543ba70ca6ee6a680

payment.rafigroup.com Open in urlscan Pro 2a02:4780:b:1205:0:2143:495e:2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

99 %HTTPS

80 %IPv6

15 Domains

16 Subdomains

16 IPs

4 Countries

1736 kBTransfer

5471 kBSize

11 Cookies

41 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

payment.rafigroup.com Open in urlscan Pro
2a02:4780:b:1205:0:2143:495e:2 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

99 %
HTTPS

80 %
IPv6

15
Domains

16
Subdomains

16
IPs

4
Countries

1736 kB
Transfer

5471 kB
Size

11
Cookies

79 HTTP transactions
1 data transactions