rifascs2.com Open in urlscan Pro
2606:4700:3035::6815:4ed2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rifascs2.com/
Submission Tags: phishingrod
Submission: On May 16 via api (May 16th 2024, 3:16:40 am UTC) from DE — Scanned from DE

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3035::6815:4ed2, located in United States and belongs to CLOUDFLARENET, US. The main domain is rifascs2.com.
TLS certificate: Issued by GTS CA 1P5 on May 16th 2024. Valid for: 3 months.

This is the only time rifascs2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3035::6815:4ed2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3038::6815:eaea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:673	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:44de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
50	15

23 2606:4700:3035::6815:4ed2 (United States)

ASN13335 (CLOUDFLARENET, US)

rifascs2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eaea (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:673 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rd.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:44de (United States)

ASN13335 (CLOUDFLARENET, US)

fbapi.rifa.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	rifascs2.com rifascs2.com	606 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	210 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	281 KB
3	rd.app cdn.rd.app	2 MB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095	307 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	rsms.me rsms.me — Cisco Umbrella Rank: 9881	111 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	274 B
1	rifa.digital fbapi.rifa.digital
1	google.de www.google.de — Cisco Umbrella Rank: 7810	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	252 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	899 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	17 KB
50	13

	Domain	Requested by
23	rifascs2.com	rifascs2.com
6	pagead2.googlesyndication.com	rifascs2.com pagead2.googlesyndication.com
3	www.googletagmanager.com	rifascs2.com www.googletagmanager.com
3	cdn.rd.app	rifascs2.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	rsms.me	rifascs2.com rsms.me
1	www.facebook.com	rifascs2.com
1	fbapi.rifa.digital	www.googletagmanager.com
1	www.google.de	rifascs2.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	rifascs2.com
1	cdnjs.cloudflare.com	rifascs2.com
50	14

This site contains no links.

Subject Issuer	Validity	Valid
rifascs2.com GTS CA 1P5	`2024-05-16` - `2024-08-14`	3 months	crt.sh
rsms.me E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
cdn.rd.app E1	`2024-04-09` - `2024-07-08`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-23` - `2024-05-23`	3 months	crt.sh
*.google.de WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
rifa.digital GTS CA 1P5	`2024-03-23` - `2024-06-21`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://rifascs2.com/
Frame ID: 9E412235C070CB416E0F287D3F4C8A1C
Requests: 47 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Frame ID: 754E80BD82D9B4D4F64D001730FDFBCB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715829396&plat=2%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Frifascs2.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715829396082&bpp=4&bdt=362&idt=72&shv=r20240513&mjsv=m202405090101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6483941076470&frm=20&pv=2&ga_vid=705383100.1715829396&ga_sid=1715829396&ga_hid=519679188&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31083359%2C42531706%2C44798934%2C95331982%2C31083539%2C95331712%2C95332416&oid=2&pvsid=762142154309365&tmod=1337790406&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=84
Frame ID: CCAD2420F97F9CB58FE2D2F252EC18F7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4F2EA9E59F5D00A1A8A226DD146F546
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rifas CS2 | Rifa Digital

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

50
Requests

98 %
HTTPS

100 %
IPv6

13
Domains

14
Subdomains

15
IPs

3
Countries

3562 kB
Transfer

5570 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
rifascs2.com/ 40 KB
12 KB 252ms
223ms Document
text/html 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d563af9985da94140ab1e357815ed83c8e963b0f3e0e49e6485b9eb5bd8c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 884835b9dd50bbd7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 May 2024 03:16:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbyrfDoETNVWLAx70psN%2B7T0QBK%2FD5rRngPQ7OrXWwYQNwSnFO1tyqAI4%2FhG5pPNShMc3zDoHXLTnNCa4ysUIS8RE%2Fhky5Bkg8TQGklb%2Bb97yG4ZdRF56Zz1xIjOZhtjhH9Ko%2FSc%2BSu6ECA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding X-Inertia
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 app-C2Rkk2Fc.css
rifascs2.com/build/assets/ 13 KB
2 KB 192ms
191ms Stylesheet
text/css 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/app-C2Rkk2Fc.css

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4522082cba4909ad4b9a81e3b657c4c243f2e62f6dd5556d1a7b1a72caff6405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-3241"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omfGLPxyZBh0dS6X7bf1z7M2O2nzOvMBV2Dref9zs4SiuQkxQzo%2FfZW5x%2F8XOZmNFapuy0zOAGYL1FAvV1DHUl8ekAEHvLsKIxWzWJ1%2BznZ%2FXNeUTteRsSMtRmHTTkeCrNbeCQo2Plmq2%2B8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bb4e1cbbd7-FRA

GET
H3 200 app-CdUDQ9XR.css
rifascs2.com/build/assets/ 108 KB
17 KB 291ms
290ms Stylesheet
text/css 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/app-CdUDQ9XR.css

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ced03da2733a9109766b88a2b537f3ae293049ebe542bf932f6c137d408abcc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-1b014"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0CBo4%2FF7V%2FRUfgk9ezXafeSI7%2BN2GTOy%2FK%2Fxm6T1ZkQ2%2FqNhHM6SAmH3FJQrxbNoLdMPqJBWEuuwQegNcJrMxvFF5%2FXT4aSOEB8bMKicmia0e1Qqen6OQQB63E2eHWi8jyvPxQxyx4rwcc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bb4e1ebbd7-FRA

GET
H3 200 app-czMLJR-s.js Show response
rifascs2.com/build/assets/ 341 KB
123 KB 301ms
299ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/app-czMLJR-s.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e94fe9f3e2fee54f578a73cced3ac8b0b97a87aeb52ecbd2f979d3b9169d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-555cf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F0g9votyF4KdBEiaymgd7YARLyl9yknS4VDlxgAs2Y%2FErpvR3Xa6iyqFxT0Yy40yn0D6lF4N0uoeIBZ7BoBWrb2qTHFkQq%2FA6m%2FE523C2JuVKPjVOm5Wal7E2jrwxRZhQq9gdAsRjs8yhs4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bb4e1fbbd7-FRA

GET
H3 200 inter.css
rsms.me/inter/ 7 KB
1 KB 34ms
13ms Stylesheet
text/css 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: rifascs2.com
URL: https://rifascs2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 3ee4d7de42760ba7bd6a3616bb25aabaf2c14071
date: Thu, 16 May 2024 03:16:35 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Wed, 01 May 2024 09:48:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 712
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: 150E:39B013:2581C44:261EC24:6610C0E4
x-timer: S1713295968.841799,VS0,VE2
etag: W/"6601abff-1b8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xv1J28vJy3KnHhpF2P9cWtZqxrpjkjLUbYCJe1LuHigId7oGoaaDrGlHcyPkSoRDBYHPvPAzaseMOabASM%2FzYNkdSd60bAEtp1jnVk2WgtmiVBjv1UrFWM0j1lOi%2F%2BiQJXbh%2Fjoo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884835bb6df79bd7-FRA
x-cache-hits: 2

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/ 99 KB
17 KB 26ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1724790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17188
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62deef96-4324"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ievyg9d4Rfvwxz17FTmYSsqpkq%2FWM8v8EE%2Fydmm5EVioQLlMOCRE52q3TumKeIavPzLf1JyPlQ4Ohtm6KzwJM8PN%2FIB1spEcR47VVMIidMPkDYQ3lFCp49G%2BonqmgicT56U27Hb%2FzrEZMIrh%2B1T4xB0c"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 884835bb59691ca9-FRA
expires: Tue, 06 May 2025 03:16:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
899 B 42ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lexend:wght@400;500&display=swap

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a10c6fb64f864a5967f229ad7857a97a6aec9032a48ff406b7bb59afc6ed4b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 May 2024 03:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 May 2024 03:16:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 May 2024 03:16:35 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d28e952f50c0029498bd273ab6ef25d88245d8da7f0b77bec5711581441995a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52151
x-xss-protection: 0
server: cafe
etag: 6663637272420519855
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 16 May 2024 03:16:36 GMT

GET
H2 200 61029217062116642027.png
cdn.rd.app/logos/ 13 KB
13 KB 654ms
615ms Image
image/png 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/logos/61029217062116642027.png
Requested by: Host: rifascs2.com
URL: https://rifascs2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c76334919b816fe606d32e4894fd190f4f40e9a8b3ecaba7a6859f6020960d8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 19:41:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "57c30782e373e03da257aabc727ad1bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ohSVPgjuRGuLJQgj%2F01sX1bUOqpHqCP3VCxsmpDGefjcGIexIfhx%2BwKBTxb%2BNHxDtga1SKZZVv4d%2FDjpbK7mPw6VuN%2BVj%2BaTLjWJEMw4JAct4mVhUPeLI%2BrDnzsSFeGBeugl3oQY3ko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884835bb8ef6928d-FRA
content-length: 13264

GET
H2 200 ak47-gelo-compacto-mw-17053401477217.jpg
cdn.rd.app/raffles/ 1 MB
1 MB 632ms
609ms Image
image/jpeg 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/raffles/ak47-gelo-compacto-mw-17053401477217.jpg
Requested by: Host: rifascs2.com
URL: https://rifascs2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71304dbd1c64836f3d9a10517bdf720c908ab5b3463f1936433aa98d3d65aae8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
cf-cache-status: MISS
last-modified: Mon, 15 Jan 2024 17:35:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6ef162cd23ac7c87de082f14a9953ca9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FE8%2B9QHoI%2BKNtByVmrdGdaXcBz6c4hQEvbCM9tn7NvjjeKZV3%2F1pjGwx0G%2F25Ei8tX6nl0AQhcu9N9V5yYV1V%2FS8yKPQtDpC3c%2BMWeoq9CNPT3sx5r9lEjxs%2BlomQe7eJIBNDYX0dvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884835bb8ef7928d-FRA
content-length: 1150502

GET
H2 200 ak47-gelo-compacto-pouco-usada-ou-pix-no-valor-da-skin-17056084728266.jpg
cdn.rd.app/raffles/ 1 MB
1 MB 891ms
889ms Image
image/jpeg 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/raffles/ak47-gelo-compacto-pouco-usada-ou-pix-no-valor-da-skin-17056084728266.jpg
Requested by: Host: rifascs2.com
URL: https://rifascs2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71304dbd1c64836f3d9a10517bdf720c908ab5b3463f1936433aa98d3d65aae8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 20:07:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6ef162cd23ac7c87de082f14a9953ca9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LXD6SeUb%2ByYOhhzEDTep5EQc8sIW2OKId%2F5k8jUcTnkXZca8d0r6%2BF0lPEPqXT%2Fkz2HoNKVc%2BeuhYFLauxRhTOdKPf1Ld4%2B1CafAi88eG1oIVmUBkPivHLLNYF85EBI81OzL%2BNdqMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884835bd2f9f928d-FRA
content-length: 1150502

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 266 KB
93 KB 50ms
25ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be66483f59046f8512e8834b03dc0469bb86c5300ef2e9f83936a9bfab0c287c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94492
x-xss-protection: 0
last-modified: Thu, 16 May 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 May 2024 03:16:36 GMT

GET
H3 200 Inter-Medium.woff2
rsms.me/inter/font-files/ 109 KB
110 KB 33ms
24ms Font
font/woff2 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Medium.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rsms.me/inter/inter.css
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 5c5cdb66b0370d4245dbdc6d4b480358e74eb469
date: Thu, 16 May 2024 03:16:36 GMT
via: 1.1 varnish
expires: Wed, 01 May 2024 23:40:42 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 111380
x-served-by: cache-fra-eddf8230105-FRA
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: EFAA:309BDC:1396E49:141CBEF:6632D0A1
x-timer: S1715829396.058879,VS0,VE0
etag: "6601abff-1b314"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACE31ZZav7YCIgML%2FZ7n8tJrGcxX5Qw0qzqYAIxudkWYs0xavVZltD9%2B8dm19ndub%2FHo7oed4fwYUT5QylQknCmmh7IhOop28ppn%2FzqbRvQDarAWBe7fDhzycDfKXa6X6Aa%2B0rkd"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 884835bd4a173611-FRA
x-cache-hits: 2

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405090101/ 412 KB
139 KB 48ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2984742400813413&plah=rifascs2.com&aplac=true&bust=31083539

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4c313cec8130aefc6b0e9cb96f2e861accff31082cd4c3aa429b333ba255a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142604
x-xss-protection: 0
server: cafe
etag: 16866327520844394558
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 May 2024 03:16:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 310 KB
103 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc07452cf44872d9f5c9cce54896f38c709b7a2c29820a146a57932a5e7516b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 May 2024 03:16:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 28ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 May 2024 03:16:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: w7Irx61FArDGqp0GIl7j44XrkU8vJ+jIY0QGP9fl47WMW7VsOSHdSFEsPnotyerAIG8HGx/T/y/gwqxnBgOEdw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 239 KB
85 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10846468162&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fcea9c2fadd53f8419a8685ae5d8f9012fa3f713b565fb3ea2fccbe1a2a448a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86754
x-xss-protection: 0
last-modified: Thu, 16 May 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 May 2024 03:16:36 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240513/r20110914/ Frame 754E 0
0 19ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2984742400813413&plah=rifascs2.com&aplac=true&bust=31083539

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://rifascs2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 41043
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 15:52:33 GMT
etag: 5035419970550746386
expires: Wed, 29 May 2024 15:52:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame CCAD 0
0 41ms
36ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715829396&plat=2%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Frifascs2.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715829396082&bpp=4&bdt=362&idt=72&shv=r20240513&mjsv=m202405090101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6483941076470&frm=20&pv=2&ga_vid=705383100.1715829396&ga_sid=1715829396&ga_hid=519679188&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31083359%2C42531706%2C44798934%2C95331982%2C31083539%2C95331712%2C95332416&oid=2&pvsid=762142154309365&tmod=1337790406&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=84

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://rifascs2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 May 2024 03:16:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=px-4%20bg-white%20h-%5B48px%5D%20sm%3Ah-%5B64px%5D%20min-w-full%20fixed&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 03:16:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 619464952447923 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 74ms
74ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/619464952447923?v=2.9.156&r=stable&domain=rifascs2.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e849e3d4af58f71bc8ea022c6e83b0300fa7624c01878f0c5df9ec364e39a9ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 May 2024 03:16:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=63319, tp=-1, tpl=-1, uplat=67, ullat=0
pragma: public
x-fb-debug: sq/CMlPDVY8s4nGChAFdAY/RQeQR7W+fNSDJQopaB+qjOKLwbCRUVf6VBgxxnltuyH7AJJflaRHcX2Cn4nIAyg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 40ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je45f0v875720306z8857888618za200&_p=1715829396022&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=705383100.1715829396&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715829396&sct=1&seg=0&dl=https%3A%2F%2Frifascs2.com%2F&dt=Rifas%20CS2%20%7C%20Rifa%20Digital&en=page_view&_fv=1&_ss=1&tfd=756
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 03:16:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rifascs2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 62ms
18ms Ping
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KHYBPRP9RF&cid=705383100.1715829396&gtm=45je45f0v875720306z8857888618za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 03:16:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rifascs2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
55 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je45f0v875720306z8857888618za200&_p=1715829396022&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=705383100.1715829396&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1715829396&sct=1&seg=1&dl=https%3A%2F%2Frifascs2.com%2F&dt=Rifas%20CS2%20%7C%20Rifa%20Digital&en=page_view&_et=2&tfd=761
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 03:16:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rifascs2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KHYBPRP9RF&cid=705383100.1715829396&gtm=45je45f0v875720306z8857888618za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=589698117

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 03:16:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 404 collect
fbapi.rifa.digital/g/ 0
0 259ms
228ms Ping
text/html 2606:4700:20::ac43:44de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je45f0v875720306z8857888618za200&_p=1715829396022&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=705383100.1715829396&ul=de-de&sr=1600x1200&_fplc=0&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=3&sid=1715829396&sct=1&seg=1&dl=https%3A%2F%2Frifascs2.com%2F&dt=Rifas%20CS2%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1715829396129.160312.1&_et=1&tfd=771
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

GET
H3 200 UserProfile-CQqzW7T9.js Show response
rifascs2.com/build/assets/ 12 KB
5 KB 200ms
200ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/UserProfile-CQqzW7T9.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c90389a6f10f5d1c26f53f4eca23aa57ba6ce19ab9ec35906a162c54ec30e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-30e8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUPKZceDWUJvfY2J55kfSCoP9fljLCaNI%2BCO6CLuvyuTseVjIblXuvl6ocWG0L%2FK%2FA7li33QEG9ofwflAVN8FYJntVQkvamWQYCIaTvtbKAZWzw3%2BclznbAgOAjwguqDlyTrAvBDeSRUMio%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835beafffbbd7-FRA

GET
H3 200 Tooltip-CgTnK2pW.js Show response
rifascs2.com/build/assets/ 14 KB
6 KB 204ms
203ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/Tooltip-CgTnK2pW.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df2123c99d650743c50ff14a19c4cec68e51e2eeb4c51a3c30c271d0ea9b091e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-3649"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TEzaEFAENs5s4XCz2Wkit7SD%2F088TGz34mY4WhsU8C%2FlHPc%2Bne9CsjBHF4AOhY%2F0y%2BmWRBvKJccUQZ9h0XMyI7%2BY6rjZJliLbIv0dpkfP%2BZ2FNsen2scMqsRr29ei2sCMM0wPZi7fL1mOe0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea800bbd7-FRA

GET
H3 200 _plugin-vue_export-helper-DlAUqK2U.js Show response
rifascs2.com/build/assets/ 91 B
578 B 209ms
208ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/_plugin-vue_export-helper-DlAUqK2U.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-5b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tijs2fctf67eAn%2FFpKWUz1BnYzWpAK%2Frarx0clOBvaLEe3O5zMgighFu2zwz3SI92sBIcpaKv7vqfOxHZMDFGR2YjR8cuPbfGAu4HB%2BSA1e9cs5HtgbQkqIkqGQrnW5%2B38AejgN55gWc%2BhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 884835bea801bbd7-FRA

GET
H3 200 ArrowRightIcon-CmDReLwT.js Show response
rifascs2.com/build/assets/ 448 B
810 B 199ms
197ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/ArrowRightIcon-CmDReLwT.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5041c84ea8c1da7d8a995c80295bf6b7556c0764b8e63d067d567993dd037089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-1c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPMAbswpy0xywqs6V%2FB7r6Pba2y25CAfBrvwzcqeEwHdTyHOxyUK%2FghnIAMYMagTcrE0ixmzs8wyyfB8Brm5nQf7glX1eavCu3E5j7Z%2FXc2p%2FrJmWDIhsrisEwYxoywsE2bo7G0U9E99x8s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea802bbd7-FRA

GET
H3 200 ModalV2-DT3N2FhE.js Show response
rifascs2.com/build/assets/ 2 KB
1 KB 192ms
190ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/ModalV2-DT3N2FhE.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f733c3c20bc9ce1eb8550fb24b31575b6b481c0c78c52d72a161413da7a3352f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-75e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4gJV%2FFH8J0Q2sEkJLqq7OvXWYgidNBgM5PpGSEEnLBcmtgLlUZq3fJ284h81OMdZyhIZWAQUQ%2BObcLTZ7simVwqnZ3aVpb0sxQV0EVMPXcoIBswC55RNSZvRIQXMnijgm807HOpDFOfcdM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea804bbd7-FRA

GET
H3 200 transition-DF4es14Y.js Show response
rifascs2.com/build/assets/ 23 KB
9 KB 201ms
199ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/transition-DF4es14Y.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

315a68e263353aefd9df9ef8159166d7207bd9595e578bc056e1dad228a52461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-5be4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zok%2F9EVq6X5qq4BzKJh%2FZKqGyWDD0e2M80Wc5vxV0FdoIybfRPr9PNAdY3HWObHEahIHuDLFcPSm7%2FgieRtMkebqQiG0hcAwN70f6SFJiYoW%2BmnoUMklYNDBL4qHAEkAftYGrLLbBxXn%2B8k%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea805bbd7-FRA

GET
H3 200 use-outside-click-ex9HXzr3.js Show response
rifascs2.com/build/assets/ 5 KB
3 KB 195ms
194ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/use-outside-click-ex9HXzr3.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f4e320d23cade6842e7856d4bf5fc3728a56a1b2d6c25091ad25d24f8964757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-145d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bPEugWRdmCBCRij%2BMxOnk7Z%2F%2FQ6lcPoQaSOMJmCj3E1B%2FLeHd%2FZFSdi4fqQdk6RM6EMFzfrVn2QD4SDIJUG8o7ssgfiOUy4JmbqMbZPx2Wef6NSHYeWVAJxi3UL%2FvUwzHOiox4TbFGrocd0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea806bbd7-FRA

GET
H3 200 keyboard-CmdIE763.js Show response
rifascs2.com/build/assets/ 4 KB
2 KB 207ms
206ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/keyboard-CmdIE763.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adb886310054842fbeb92380e0ab098706c1503d97fae7d3b0f5d3eafebfc3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-e54"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G382L%2BMpoX2NmOHRFe%2FKLk7uYPoeyqRaWeDABJjfgiaSVdjOypeQ1yjDElS%2FtcSU1ldU1%2BkX%2FtD2eiJl%2FuAVjUk1sREY8TRdPwOpGzoFHVDuQeu1dsVPPn2ICHvOaDlZ5NDP6jqqXZ7SN%2FM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea807bbd7-FRA

GET
H3 200 hidden-CjP5Wd-o.js Show response
rifascs2.com/build/assets/ 703 B
974 B 194ms
193ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/hidden-CjP5Wd-o.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6f96d47c4cab271fff69a95d39b4309ebebd7e828efead16adb70ce163f36da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-2bf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4BB9ABzJbMXVlojHHfKvlg9S76AlptKjmgcS7uXfL1UDfRJzARh0HexRmO6kMYk8PZy67ag%2BpfRxnZqy2GH6P6ZlL6q1JTi4HUI6Lmh7z4ZiU2NFmNlJ%2FtGZovVG%2BsQ%2Fda%2FqWLjCEA1GII%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea809bbd7-FRA

GET
H3 200 PhoneInput-CxpNW6q8.js Show response
rifascs2.com/build/assets/ 646 B
942 B 200ms
198ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/PhoneInput-CxpNW6q8.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5856f8e9e45ca00f1a6d9fdbfb5731dfef816515fac2f8b471a7eeca6481a055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-286"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yl2W%2Fmq5CI2DdVE31xpIGqYiXFCIxsQR7E2V4gHEZ%2Bq0b1G3u%2F41iCH0uZuOgDyKlgx2ZKjSwEi%2Fok%2BS0rxvV10N5Krv7pQq6Zhw%2FKvz5x43EAiQ4IEZsijd6qLghm%2Fokh%2BgaujVMwIVd94%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea80abbd7-FRA

GET
H3 200 countries-_dlOgJfJ.js Show response
rifascs2.com/build/assets/ 2 KB
1 KB 190ms
189ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/countries-_dlOgJfJ.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

867f4d910537ac245d49041ad732aa5caecea7a6cc916bc9ab924c7cbfaaa084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-62a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOkQNlfhSFHt7RdoUSQGfkYsLrKsrC3OKDwvDcQujtefnt%2FpVXsJVBtv1ATrzADz2gjM5zFTRDr0IKQD10CtGVHTP%2FzyKeSu27sJsXDnRQJuEtkGHYMpkd5rtHulpBERCbZzH9qGX%2BWyZfI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea80bbbd7-FRA

GET
H3 200 CountrySelect-B47p0BRI.js Show response
rifascs2.com/build/assets/ 3 KB
2 KB 210ms
209ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/CountrySelect-B47p0BRI.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

493e24360fa9410d399d6b19a5cb98201299cea837deec0b635d635e7a0d652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-b3b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=syO75kid4azhjvW8PBZKkdWYRHpO5lXmTXVxpABakH88MA2M0hLRUsrFmaIsqTdwoqHBAUtkqF%2BFG5h8CKegPyXqMUlbgEuJx9BzgJigKX2f%2B0o1%2Bl587k0eN%2B3MJ6r18p2DTsgBtZkHVcs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea80cbbd7-FRA

GET
H3 200 listbox-Bhwvq0vo.js Show response
rifascs2.com/build/assets/ 11 KB
4 KB 209ms
208ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/listbox-Bhwvq0vo.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f694cf2f03396b80d18c51762ef0f95045e2de047a8fee6f4623f33dac0d7df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-2acf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHFSMdhhSE6vedFCfDdVKI6rOfLzTpwnVXoYBraGdgRzgCGZWqNC4kp8M0mFuqDmB0t2%2Ff0xVA5dociCFz9kVrop1xRmCmcVHQxTfgEReZOuaNC4spZpjpzvIekcJOM1sbKiJiyzoF%2F4Als%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea80fbbd7-FRA

GET
H3 200 form-BAFRk4p4.js Show response
rifascs2.com/build/assets/ 959 B
1 KB 196ms
195ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/form-BAFRk4p4.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe4160e50954d794dce67f8b38818d958cc52203463567e02ecefc801d59c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-3bf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXHXRNyKHyetTQqi76dUI%2BCUfxVnzBKw3Cn6nd1CA79CBKlbV70xYVtnEXVkPdanSGCFaC2a650rtJplW3129nBm0%2FEIF%2BtLqlfPc7vmmHk8kux0%2FMWFy7PoJOlj1dRqXg1MzyieAReNYY8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea811bbd7-FRA

GET
H3 200 use-resolve-button-type-rC9aKRRa.js Show response
rifascs2.com/build/assets/ 455 B
805 B 203ms
202ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/use-resolve-button-type-rC9aKRRa.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6caf7a3e03a1640befb8e6be9327554562ed96d4c97dd4e41dc5d18fcb46352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-1c7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7EvHpXEmrCJ8%2BCek%2BF4ychjdqAz%2BbOVEvwftwqaDWXDtCjIhY3xy8zBWRkgi%2BEk7Uy2NCMTeTJpwEBDANok6i3DJ2B0KVCf42pYSev4vinmAT%2FWrUO5riP2wOyKL%2BR7qCZJ6qIFTp0Ja%2Foc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea812bbd7-FRA

GET
H3 200 use-text-value-D9jqaqfM.js Show response
rifascs2.com/build/assets/ 2 KB
1 KB 204ms
203ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/use-text-value-D9jqaqfM.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbb46f868998e50dc37985da452c5c7cc81d09b4d51320ea1fc837393196b485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-81e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZAaUNxuyiZmMn1fp%2FD9QSulpaTxxHBiOGAjH45o1Cj1zmuOYppmbxFlcBL5ZYCSXu4hHkkokBgQr5RfD183LUuVeLiNS%2BwwHKF3QCV2EKqavbYV8sNC0fa4RdNaZ4AnvcUgiqsoifW6Bivo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea813bbd7-FRA

GET
H3 200 ShoppingCartIcon-DXTo2XUV.js Show response
rifascs2.com/build/assets/ 671 B
908 B 211ms
210ms Script
application/javascript 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/build/assets/ShoppingCartIcon-DXTo2XUV.js

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/build/assets/app-czMLJR-s.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00057bf5ff2ea73e04754e70a551100a112b29a97e52eb726d2ba942350af167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://rifascs2.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 May 2024 01:41:54 GMT
server: cloudflare
etag: W/"6642c162-29f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKfWFLwb4Zxuncm58bC%2Fq4FwqC%2BVR1gZ6%2B0KdzKUqkN4vHwgVmrUjXdCFRfrrfcn7XeBMVFpRhI6wBiehDqxNsAWaXQDSZV36WLpjT0eNEInMoswYng5%2FF%2F017WRHjXUX6Iln5seZarDW7s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 884835bea814bbd7-FRA

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 26ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=619464952447923&ev=PageView&dl=https%3A%2F%2Frifascs2.com%2F&rl=&if=false&ts=1715829396277&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1715829396277.239410892&ler=empty&cdl=API_unavailable&it=1715829396191&coo=false&eid=1715829396129.160312.1&tm=1&rqm=GET

Requested by

Host: rifascs2.com
URL: https://rifascs2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 16 May 2024 03:16:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 22ms
21ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240513&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de15109effbbe26ecaba9e793a9dba84e53abcae959724ef7ff91a9f5e7170b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12886
x-xss-protection: 0

GET
H3 200 favicon2.png
rifascs2.com/images/ 412 KB
412 KB 375ms
375ms Other
image/png 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/images/favicon2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 421668
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
server: cloudflare
etag: "6554350b-66f24"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Z3WKS91ylLpZ%2BI2Y1nVaKi%2FipthgWO6RURRq6uGb71wH27P1o4a%2FNdQT52TiT4OwN%2BAWA4xSwK8T1%2BDM%2FQIk%2BSgVbVrUp7saLZ6NzoMEsh9tG79CJjekYxf7fHWqlPT8mrab6whB%2BQw0wg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884835c48c61bbd7-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 62ms
26ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 May 2024 03:16:37 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E4F2 0
0 25ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://rifascs2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 18050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 22:15:47 GMT
expires: Thu, 15 May 2025 22:15:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 favicon2.png
rifascs2.com/images/ 412 KB
0 0ms
0ms Other
image/png 2606:4700:3035::6815:4ed2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rifascs2.com/images/favicon2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4ed2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rifascs2.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:16:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 421668
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
server: cloudflare
etag: "6554350b-66f24"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Z3WKS91ylLpZ%2BI2Y1nVaKi%2FipthgWO6RURRq6uGb71wH27P1o4a%2FNdQT52TiT4OwN%2BAWA4xSwK8T1%2BDM%2FQIk%2BSgVbVrUp7saLZ6NzoMEsh9tG79CJjekYxf7fHWqlPT8mrab6whB%2BQw0wg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 884835c48c61bbd7-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240513&jk=762142154309365&bg=!a2ilaCfNAAav94VWj_c7ADQBe5WfONZ_gJWfl1XbB80UG4fbMF8SQ_AnSDo8NoXdx76wRr6l6uVyiegJBIQuVB-GIiSUAgAAACFSAAAAAWgBB34ANnyV7oy1zADZlQIdqEU7nIPm14ckqkzD4BUIXk2aiXCVMwEqSV1XiRxXm3ybRAKzfxj7wSFNrAoAWC3AlzUOIng6jAo7FdXuGAuim9LcVChsbqi9YxwhQFsgdo3Q72spZSrmsmTsaQ_uoaa0p7RrctZ2-Tbt_R2WKis5Ki_RKCVbvfaAjOd_zG-YQ8sMh2ij0wWZApCEL6I87I9YDU5XG15Tqu2AYCQmnmDPNjI2llqkTg99UtKgwcVxDM4TW8h8GYVXCKiN4a_GaroFkuZtu_9NxVBozuWManJt_LFKlfKKRGkkEHoU4c6hh2wOwpxSwRdFsNQ94xiQb1ljHY2OKPI0fjIxVKUNGCZvTmySM1ClJCNortVTE60ZPEAiWxWudLp3Pshapp1x3sgUac3vmrMiN7XXdhY-Nhuil0dxXOU3DteNyGtqZQHSAcZZcsPvVUJxiORhH4Mq2VXb7ETkaKbApyVqivGxk9cWpKU95aqnVmsx9EON8XguSIuYLfl1xrgMoRVVeU9C0v18oVLgR-PgNtssT-dyzqIRbq8gM-rNi61_o8ju2rgH1ecHX0bg6guCLYxy3-o4_7A8KR-iHPA1gWozEZRw95uKNAkFYbKzi18MtouDu-wqzPvGbBUSNzw_uI1MWvpUB0JY7ZEpUDo5d-CjGebBp3pDxi2rdaW5LeforNJQfPndvwHPePgVN1TDbGs3rjyKLmqfvi0uMrRH2hs_LE-ZAK3yXWZoci6WIISDh2-5d5z_5-1b9trd2l7-_RbK8m9Q38ucmkahQBsZnJQ8kLlnAAHOTP2L45loMyFykNEmvzmb06iXj5Sk5WDvi2raHtIwusOU7rBX5-W-kn9rYyqcs2WcEARf7-1i2YRVm67DUQ-6Q-47U4wBEGN9dhTKxMFclgVxqutXDLGGTsW9OddTzEFIjBDnRQZzoS46HS0LrUtqlAqTDqijKFgvHcrE7kAbVNRisQC1Cyhw9HfhGdiRmC6T-FHAXfcvgjZKBUF1TOxuvHf5GWERBsi2bt7Z-ydIg7pzHlt9HP_vbIHwHViIOcKXxw4Z-MBdRG640Q

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rifascs2.com/	1970-01-20 20:37:38	Name: XSRF-TOKEN Value: eyJpdiI6IlFoeWx0UHd0UklPUnlsb1pwbVlPYmc9PSIsInZhbHVlIjoiT2xUZGFyNllvL3ZHSHl1NU1YN0ozUEpqdHhVZGhxVXAyUzFJcGVmNzRsbVhZOTEzTnQzY2hMYjRmTU9FT1pxbjJOc1IrUGFtL2RyZVF5bHNaVU50a1pIalRDa1pBU0Q2bHE0a3dkTVFaU0ZwMVBUcHp0QkZ6R0tEMmdzc0w4aSsiLCJtYWMiOiI5YjkyODE1NTE5MGYzYmYzZjUzMjZjOGVhYzMyZDY0ZTNjNTEwZGY1M2I5ZTdjNjVjYmM2ZGFhOWQxYzA3ZDAxIiwidGFnIjoiIn0%3D
rifascs2.com/	1970-01-20 20:37:38	Name: rifadigital_session Value: eyJpdiI6Ilk3Tm5OeWZYMUlaRU4vdWNzT2l6cnc9PSIsInZhbHVlIjoiRGUyQlpGZkJSU2wzcmJ2Nk9nVXdWZHQ5NHFKRUY4NUVQb3Z1THJ6U3A1VXhZUkVpcjdpU2tyM0xHSnNCV1ZPa1Y1a3J0K2hDUzlUUVczZXJoNkZzc2x6QmExN1pIb25keEVkMVU1YW1xR3V6RGlFTjg0Sy8vWXlMUTlnR2N1aFAiLCJtYWMiOiJmNWU3NjcxOTA1MDVlZDY0NDJjZjBmNGVmNDcxYzJmNTFlYjdmZWM1MWM0MGMwMWI2MjY1OGE1ZTlmYzRiNzc5IiwidGFnIjoiIn0%3D
.rifascs2.com/	1970-01-20 22:46:45	Name: _gcl_au Value: 1.1.2102325453.1715829396
.rifascs2.com/	1970-01-21 06:13:09	Name: _ga Value: GA1.1.705383100.1715829396
.rifascs2.com/	1970-01-21 06:13:09	Name: _ga_KHYBPRP9RF Value: GS1.1.1715829396.1.1.1715829396.60.0.0
.rifascs2.com/	1970-01-20 22:46:45	Name: _fbp Value: fb.1.1715829396277.239410892

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/619464952447923?v=2.9.156&r=stable&domain=rifascs2.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je45f0v875720306z8857888618za200&_p=1715829396022&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=705383100.1715829396&ul=de-de&sr=1600x1200&_fplc=0&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=3&sid=1715829396&sct=1&seg=1&dl=https%3A%2F%2Frifascs2.com%2F&dt=Rifas%20CS2%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1715829396129.160312.1&_et=1&tfd=771 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rd.app
cdnjs.cloudflare.com
connect.facebook.net
fbapi.rifa.digital
fonts.googleapis.com
pagead2.googlesyndication.com
region1.analytics.google.com
rifascs2.com
rsms.me
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.de
www.googletagmanager.com
pagead2.googlesyndication.com
2001:4860:4802:32::36
2606:4700:20::681a:673
2606:4700:20::ac43:44de
2606:4700:3035::6815:4ed2
2606:4700:3038::6815:eaea
2606:4700::6811:190e
2a00:1450:4001:806::2002
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
2a00:1450:400c:c1d::9c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
00057bf5ff2ea73e04754e70a551100a112b29a97e52eb726d2ba942350af167
08e94fe9f3e2fee54f578a73cced3ac8b0b97a87aeb52ecbd2f979d3b9169d80
1a10c6fb64f864a5967f229ad7857a97a6aec9032a48ff406b7bb59afc6ed4b6
1fcea9c2fadd53f8419a8685ae5d8f9012fa3f713b565fb3ea2fccbe1a2a448a
2c90389a6f10f5d1c26f53f4eca23aa57ba6ce19ab9ec35906a162c54ec30e31
315a68e263353aefd9df9ef8159166d7207bd9595e578bc056e1dad228a52461
4522082cba4909ad4b9a81e3b657c4c243f2e62f6dd5556d1a7b1a72caff6405
493e24360fa9410d399d6b19a5cb98201299cea837deec0b635d635e7a0d652d
5041c84ea8c1da7d8a995c80295bf6b7556c0764b8e63d067d567993dd037089
5856f8e9e45ca00f1a6d9fdbfb5731dfef816515fac2f8b471a7eeca6481a055
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6f4e320d23cade6842e7856d4bf5fc3728a56a1b2d6c25091ad25d24f8964757
71304dbd1c64836f3d9a10517bdf720c908ab5b3463f1936433aa98d3d65aae8
7c76334919b816fe606d32e4894fd190f4f40e9a8b3ecaba7a6859f6020960d8
8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d
867f4d910537ac245d49041ad732aa5caecea7a6cc916bc9ab924c7cbfaaa084
8fe4160e50954d794dce67f8b38818d958cc52203463567e02ecefc801d59c6c
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
adb886310054842fbeb92380e0ab098706c1503d97fae7d3b0f5d3eafebfc3ba
b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761
b6caf7a3e03a1640befb8e6be9327554562ed96d4c97dd4e41dc5d18fcb46352
be66483f59046f8512e8834b03dc0469bb86c5300ef2e9f83936a9bfab0c287c
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
ced03da2733a9109766b88a2b537f3ae293049ebe542bf932f6c137d408abcc1
d28e952f50c0029498bd273ab6ef25d88245d8da7f0b77bec5711581441995a1
d4c313cec8130aefc6b0e9cb96f2e861accff31082cd4c3aa429b333ba255a6c
dbb46f868998e50dc37985da452c5c7cc81d09b4d51320ea1fc837393196b485
dc07452cf44872d9f5c9cce54896f38c709b7a2c29820a146a57932a5e7516b3
de15109effbbe26ecaba9e793a9dba84e53abcae959724ef7ff91a9f5e7170b3
df2123c99d650743c50ff14a19c4cec68e51e2eeb4c51a3c30c271d0ea9b091e
e2d563af9985da94140ab1e357815ed83c8e963b0f3e0e49e6485b9eb5bd8c2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f96d47c4cab271fff69a95d39b4309ebebd7e828efead16adb70ce163f36da
e849e3d4af58f71bc8ea022c6e83b0300fa7624c01878f0c5df9ec364e39a9ef
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f694cf2f03396b80d18c51762ef0f95045e2de047a8fee6f4623f33dac0d7df3
f733c3c20bc9ce1eb8550fb24b31575b6b481c0c78c52d72a161413da7a3352f

rifascs2.com Open in urlscan Pro 2606:4700:3035::6815:4ed2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

98 %HTTPS

100 %IPv6

13 Domains

14 Subdomains

15 IPs

3 Countries

3562 kBTransfer

5570 kBSize

6 Cookies

0 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rifascs2.com Open in urlscan Pro
2606:4700:3035::6815:4ed2 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

98 %
HTTPS

100 %
IPv6

13
Domains

14
Subdomains

15
IPs

3
Countries

3562 kB
Transfer

5570 kB
Size

6
Cookies

50 HTTP transactions
0 data transactions