rifa321.me Open in urlscan Pro
2606:4700:20::ac43:4897 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rifa321.me/
Effective URL:
https://rifa321.me/
Submission: On December 31 via api (December 31st 2023, 8:28:22 pm UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 12 domains to perform 50 HTTP transactions. The main IP is 2606:4700:20::ac43:4897, located in United States and belongs to CLOUDFLARENET, US. The main domain is rifa321.me.
TLS certificate: Issued by GTS CA 1P5 on November 27th 2023. Valid for: 3 months.

This is the only time rifa321.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2606:4700:20:... 2606:4700:20::ac43:4897	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	35.198.36.195 35.198.36.195	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
50	19

19 2606:4700:20::ac43:4897 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rifa321.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.198.36.195 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 195.36.198.35.bc.googleusercontent.com

server.rifa321.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	rifa321.me 1 redirects rifa321.me server.rifa321.me	87 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	1001 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	94 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 jnn-pa.googleapis.com — Cisco Umbrella Rank: 203	41 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248	1 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	91 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	160 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	47 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6765	408 B
50	12

	Domain	Requested by
19	rifa321.me	1 redirects rifa321.me
8	www.youtube.com	rifa321.me www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.googletagmanager.com	rifa321.me www.googletagmanager.com
1	server.rifa321.me	www.googletagmanager.com
1	www.facebook.com	rifa321.me
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.google.de	rifa321.me
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.googleapis.com	rifa321.me
50	18

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
play.google.com
g1.globo.com
jornalipanema.com.br
www.folhametropolitana.com
www.instagram.com
www.youtube.com
www.tiktok.com
www.facebook.com

Subject Issuer	Validity	Valid
rifa321.me GTS CA 1P5	`2023-11-27` - `2024-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
server.rifa321.me R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://rifa321.me/
Frame ID: B5CD850895641DF11C3B6F4844BD5BC0
Requests: 29 HTTP requests in this frame

Frame: https://www.youtube.com/embed/1ywiv-gSWzE
Frame ID: 5FF27200A672086BC05C3DFD0A1F0DED
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rifa 321 - Sua campanha em minutos

Page URL History Show full URLs

http://rifa321.me/ HTTP 301
https://rifa321.me/ Page URL

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

50
Requests

98 %
HTTPS

94 %
IPv6

12
Domains

18
Subdomains

19
IPs

4
Countries

1546 kB
Transfer

4605 kB
Size

8
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=5571999947347&text=Gostaria%20de%20entrar%20em%20contato.
Title: Entrar em contato

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.rifa321.twa&hl=pt_BR&gl=US

Search URL Search Domain Scan URL

URL: https://g1.globo.com/ms/mato-grosso-do-sul/noticia/2022/10/19/na-luta-contra-o-cancer-familia-vende-rifa-para-pagar-tratamento-avaliado-em-r-300-mil.ghtml
Title: Ver mais

Search URL Search Domain Scan URL

URL: https://jornalipanema.com.br/?url=noticia%2Fsorteio-de-uma-camisa-oficial-do-brasil-autografada-para-ajudar-o-campeo-sorocabano-de-kickboxing
Title: Ver mais

Search URL Search Domain Scan URL

URL: https://www.folhametropolitana.com/time-de-futebol-americano-de-joinville-fara-a-ultima-partida-do-ano-com-acao-social/
Title: Ver mais

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rifa321oficial/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@rifa321-oficial

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@rifa321oficial

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rifa321oficial

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rifa321.me/ HTTP 301
https://rifa321.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rifa321.me/
Redirect Chain

http://rifa321.me/
https://rifa321.me/

14 KB
4 KB

481ms
389ms

Document
text/html

2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.6
Resource Hash: 011caf5488904a29b6091721fb51e33df5b61e9d13438d76402682f2a5d13947

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate,no-store, max-age=0, no-cache
cf-cache-status: DYNAMIC
cf-ray: 83e5449d1ff01c3e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 31 Dec 2023 20:28:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2B2QQ7sy9WiTJv%2FKBbqry0zR1WWjVwcMTEHlt2USr1OkZeCaTlUXGi1rEEwO6MDa%2BjC2QH6oZdMZh2CgEvJSNsBigNxoasyMi0GKH2NZaU6tVzQNpmWb%2FOoZpxeMiyYiuNDLLCElbI8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.1.6

Redirect headers

CF-RAY: 83e5449c0cc74d5c-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 31 Dec 2023 20:28:16 GMT
Expires: Sun, 31 Dec 2023 21:28:16 GMT
Location: https://rifa321.me/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88mlym1m2CcTWvt54Ck6IZTXsE33SUlWE6P0vM8BBh2QsiD%2Bs81NzTxpZ%2FNZwpmQocs2pCdnwF3FqehWyIIMY3OpbqZX4vWbpyBBuqRHg06MxlCtGgFq6cnaijT4SdY%2FDEy1DLr8UDo%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 139ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: rifa321.me
URL: https://rifa321.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 20:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 18:59:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 20:28:17 GMT

GET
H2 200 style.css
rifa321.me/theme2/home-alterado-03-06-2023/style/ 13 KB
3 KB 339ms
337ms Stylesheet
text/css 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/style/style.css
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7317f6b95876fc3647f1ff17fb969fa66656963ff27cc7bca009d3bca549500e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 05:13:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"da4ffe1bda95d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ronXDaOkOKk5Z%2BcHOSg%2FlEM59g9uIUbKFiuX%2BB5eVswtLeFJwv0GkHsTv4faV8S%2B%2FepjlR5%2FRCCq%2FcG%2B0YejftcGMpxwqvE%2BMPxq%2Bb1bd4h2aQEdhNTEcqVYc1fkgkVsV42XKCTDag0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 83e5449f9b4b1c3e-FRA

GET
H2 200 Logo%20RIFA%20321.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 4 KB
5 KB 50ms
49ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/Logo%20RIFA%20321.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bc82e24956e136980a176446f184cd1f9a207a0b3cf5d206d976c9a64823559

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Jun 2023 03:13:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1295
etag: "a924fc54c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnyE2LmsbDSR3WqpW392%2Bcw%2BWi%2FdYtnpIGBTdqnKhrLl1vCfKfpYmbO96kyTRI0%2BQcSw%2FFYAe4Scn2Xffmgg70OhDrtx7zFqGH4W%2FuJLVwtGndgzTT9GO2EdYPO93XSpEd%2Fy%2BVgd4B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e5449f9b521c3e-FRA
content-length: 4606

GET
H2 200 iconTicket.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 437 B
756 B 429ms
428ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/iconTicket.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d58daf523501f1fccc9f64074e0376efe715660ace44669ab909d59b39406455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a9627b54c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUAQQxIgmmzsJhWCfjVayqlRod%2F4G2GLkb2BCX1RTZ3KR6e%2FK%2BNcrgSklKkjRKkVIwfph6RpAQX27nsvsZcO3Vs4Ao0JgJMlZOCo3%2ByQH8Nu7U5AuD5ri2gqkrpeEe1u6MIf1GutQnw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e5449f9b551c3e-FRA
content-length: 437

GET
H2 200 iconMoeda.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 743 B
1 KB 48ms
48ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/iconMoeda.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c74bb77c5151a9bd468f98c8f833082a9afda3ded764570a5f2c535c384af0c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Jun 2023 03:13:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1294
etag: "618f153c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojKIdoyI4tBZIp8Ggq3sJfyImOQs60QcoiLuy4ohft7faiaE7l35UTcL6ZLcUS48Uo1K0pONR5U3ITZU3fV%2BSotDttm56Fsc8U9awpv4D6Xqv7VF%2Bf7AcQf138TvgIkWV8gYDvdKpGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e5449ffbc21c3e-FRA
content-length: 743

GET
H2 200 iconPincel.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 600 B
926 B 413ms
412ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/iconPincel.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94eb9ffaf69873a4bfbc51c0fee2cd93888987ed8008538ef02a947cc3256966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "93512a54c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eUZATB3hBu9SCamafpn6wv64F9i4lo4ZMXA0DRyx4aQ%2FTSc8zs37b1rvleaZjEvlz95TXHsb4e2iV4XGi9dwy%2BPsEbEhzwzIjzx62xOxVzfYCjhetNE2ebIIu4NiUHwMsrQzy0iQmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a04c281c3e-FRA
content-length: 600

GET
H2 200 iconSlides.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 443 B
798 B 432ms
423ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/iconSlides.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7635154185bc559b1235352f963fb67b1725241575eae252a8168907a782c25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ac766f54c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUNooC2GxJ%2BtOzC9%2BporBdXRrYamGhUFWpfqsM%2FJlOLxqt1V6kkYOBdIjOMFG7Ai88p52cLSYkKqFjyCrRsNKxTQCDI4pWWIKIsn1yujfPXoCaVevwb%2FwU8zAdNrjdLndMQHzeearLY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a1cdf11c3e-FRA
content-length: 443

GET
H2 200 google-play-badge.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 6 KB
7 KB 342ms
333ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/google-play-badge.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2454118e90bd1b663ac8e9ae87fed3fa0a59f22579c7946da6a70018b478bea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d8cc6653c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L20qjYTrx%2FPnXwWJU9ZLLdXQW4ibUEoCX3cQ9rCHRGEJ%2Bp5SJDq3T5%2BcDHJXutP6xmln73KYSttkvuniZUaTLXQV1i3tL4%2BZ02IKFvYZRBF2VW2hLy94kJuXor1FbloCQKlx4kfwWLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a1cdf51c3e-FRA
content-length: 6520

GET
H2 200 iconBandeira.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 412 B
729 B 56ms
48ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/iconBandeira.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf179f4c924782d20118bc10acaf314cc1dfc4cc9d4a6654c6ff93ab1b04951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Jun 2023 03:13:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1294
etag: "107e5853c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxgyZb5uv2nJyayYQ55TJWiYySGmMafJMdmcyrjHU%2B4nsZucca7G5PFSp14ZY8F77m3YynTJf8q5zl2Z83A7i%2F1Zoi7xtYIe0gTdrhUZj6gPMw8NDJeUEpmu%2FyfmAI4oRvz9R3TfcyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a1cdf61c3e-FRA
content-length: 412

GET
H2 200 iconGrafico.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 354 B
674 B 428ms
420ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/iconGrafico.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f8619450311ac1b74f23933aeb6c7d46e4420cc852755e66c6606c83dcc69df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "75f2ab53c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9LuP%2BkQeIgMyPxJRc2cfPywJIfm25H8pxNZZZATWY99YYm9Mh0VieURycIMZD2jfULFzPOB5T60yJKh7Mg7HHNpcgQSsdDYw2Wbfe6PZcwlM4xG%2B9Q46T%2Bg6juP%2B2w4wuevnVFOte8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a1ddf91c3e-FRA
content-length: 354

GET
H2 200 iconSeta.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 512 B
829 B 423ms
416ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/iconSeta.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 466c1aa5932826a68d7cec842f3e8263bfb4a16eaf15b95c65c0232d12d6558c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "823d3654c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jkQZ8XRd%2B6fwtEE2lcL744z3PgQvZPqKLX0U9Hyq%2FBpk6LQ9%2ByVCs30SO41B8c2hobAOuT6skWUXyvaryWQNwtmrKJEW5NZVNUFTrhOcd8yaHLLtN5aoj3yCcKVe6Ie38GohNm1pzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a1ddfa1c3e-FRA
content-length: 512

GET
H2 200 g1Logo.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 45 KB
45 KB 416ms
410ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/g1Logo.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5528382f2c69bdb69e3774d43f958830a96a4e566baae2d149f2dedf0b3c2278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8ef61053c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRsQEpWR%2B%2BZnMg%2FFDJDtTmW%2FzF3vCyBCD%2Bwb6KOFyCPrKxxrhUCTZVNBxRxSRxapUxgU5eLSxxLAIuu0eGGBpuiQ4B8e5MjEqAdPRgG6clAjEP7s53iuxbGnuEQlDS84ABrWWhULza8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a1ddfd1c3e-FRA
content-length: 45651

GET
H2 200 logo2.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 8 KB
9 KB 331ms
325ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/logo2.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d5fc049875bf2d15920cf074b0cf9b86f93d64083f67988b2df29b847030ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9310855c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DEMkW4SBboC7GtSPe0kGOmJ9Vm64N0kQgEvkVohM9hB7kW5yU0NBHwksHpGqBa8UBbgtCvCzmLPPyEmLfxk%2BWy6C8vBjfodpLM2o4zq2e4Efa7Mdkh6q9wxh%2F1zTdwPc%2Bb1FssI3O8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a1ddff1c3e-FRA
content-length: 8618

GET
H2 200 logoFm.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 4 KB
4 KB 343ms
338ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/logoFm.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c33cd09826d2990b1741a21692595b7d9ad324ea7e10080b90aef229d37c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9aac4355c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdak%2FK%2B43MatQuVH1mYuKnTY6TfXj4BTIzLb41vJ11U3Kh%2FWXr3j2%2F480JgIvYOYKTFiOIoXYzobJSyijyo43pPxJUEpuHCDPYjtxlME2LRX2r8%2B39MStoUwKVBVnT9Y4NlgpC61vMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a1de011c3e-FRA
content-length: 3602

GET
H2 200 iconInstagram.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 943 B
1 KB 442ms
438ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/iconInstagram.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2b17249ffeb5a403c867aa54591c179b8fb122eaa0faae0148b1557d41e3072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c2ce553c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0KF5fCNuE08YRzncLtRak3FJbEglIhMa6lK7Fs2c76j6EP4MvrIGhMT7kW3hGPte6kJYrdDQcTV5Z8w%2BKdB%2FNwve8%2FBbLw8kqqyBbS6qoHa8pDDGB%2FbKA9ZPxVW%2FEo6ezB3h55g164%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a1de031c3e-FRA
content-length: 943

GET
H2 200 iconYoutube.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 743 B
1 KB 416ms
412ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/iconYoutube.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d565622a0b589357f8774b61318e684669e18877f5e10afd8aca9c625673936d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ebc254c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXv4szL69uWdOsdU3%2BdLpCYtGcVttSqa1iVYBeD%2Fv5pQCpF3R3HRrvLoQJom5rMMEM9ZRWKCiI2UlyUjMrItDNYiRmg%2BY%2BBy0EfOwWLdhJ9IlGmudsvH8TruHT2cCTWHqr3sa7vS56c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a1de061c3e-FRA
content-length: 743

GET
H2 200 iconTikTok.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 825 B
1 KB 453ms
449ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/iconTikTok.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee943a664ebf101f6ff3b5d82ea8594ab303c7ad94d971149c9a5be5ca4af3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cffeb654c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fvaKtqAtjg4Y4qQDoqHx4KkEefTY42i3LqV4Rd%2FmYPOjUVPjU0Kxg0badvT%2BHgUJXfNnvIibUMrO%2BPuB%2BVa0VTdDVmSYtYrINTtENYc2zWts8sSpjnYq1DA2vO%2FjmHGSNjQHk1FqEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a20e5b1c3e-FRA
content-length: 825

GET
H2 200 iconFacebook.png
rifa321.me/theme2/home-alterado-03-06-2023/imgs/ 672 B
984 B 445ms
442ms Image
image/png 2606:4700:20::ac43:4897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rifa321.me/theme2/home-alterado-03-06-2023/imgs/iconFacebook.png
Requested by: Host: rifa321.me
URL: https://rifa321.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83678c585f9297979b829d7db6ffe9837b14a4a1f90193af23ea822aee8b6c8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Jun 2023 03:13:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d5b09d53c995d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elGooVqD3Ia1xNcQ8I3Ns1nl%2FO3rE6GqSf5Ky%2BwfxTlj%2FoEm9J8LmiHgmIDU9A9hplh1d8rsA8iVi3KtqnNSKmaw4WpA56EDDuODcmm5smGEPX3PXTq65gr2xlKMveLgu07KFwS4Nqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e544a20e621c3e-FRA
content-length: 672

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
68 KB 154ms
58ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5SKMK2

Requested by

Host: rifa321.me
URL: https://rifa321.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f68edb8b8f95ff01eb6bbb54983b52b423ddb743c25833e4ed7ab32e900a23b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69381
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Dec 2023 20:28:17 GMT

GET
H2 200 1ywiv-gSWzE Show response
www.youtube.com/embed/ Frame 5FF2 92 KB
41 KB 246ms
137ms Document
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/1ywiv-gSWzE

Requested by

Host: rifa321.me
URL: https://rifa321.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e599312a27e9d1e00d809087e15422888e0455800b0fd05d7919a96135fc978a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rifa321.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:28:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 133ms
39ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rifa321.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:53:58 GMT
x-content-type-options: nosniff
age: 473659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 08:53:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DQ6FPQM027&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5SKMK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbd2f12d0cd6a286b22d437e1ee55ce8647a3f65e1aa026b67e5822bc02256bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94310
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 31 Dec 2023 20:28:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 149ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5SKMK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 31 Dec 2023 20:28:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Ov2AI+G/xe2v6I3Afb0hvd/YzRGuHWuxrEYSg60anLmF9JHYEBY7AKTZ3g3ySbUZeBd7svv9ROeSzVnR3WX5jA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/da154528/ Frame 5FF2 358 KB
47 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1ywiv-gSWzE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1ywiv-gSWzE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:03:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47436
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 30 Dec 2024 20:03:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5FF2 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1ywiv-gSWzE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 05:31:50 GMT
x-content-type-options: nosniff
age: 572187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5FF2 15 KB
15 KB 47ms
47ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1ywiv-gSWzE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:09:14 GMT
x-content-type-options: nosniff
age: 472743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 09:09:14 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 5FF2 52 KB
16 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1ywiv-gSWzE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1ywiv-gSWzE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 11:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16336
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Dec 2024 11:42:36 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame 5FF2 322 KB
97 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1ywiv-gSWzE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1ywiv-gSWzE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 30 Dec 2024 20:19:08 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 5FF2 2 MB
768 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1ywiv-gSWzE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1ywiv-gSWzE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786305
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Dec 2024 08:24:14 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 135ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DQ6FPQM027&gtm=45je3bt0v9131091898z89134445933&_p=1704054497540&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=960712842.1704054498&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704054497&sct=1&seg=0&dl=https%3A%2F%2Frifa321.me%2F&dt=Rifa%20321%20-%20Sua%20campanha%20em%20minutos&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1415
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQ6FPQM027&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:28:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rifa321.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
241 B 142ms
47ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DQ6FPQM027&cid=960712842.1704054498&gtm=45je3bt0v9131091898z89134445933&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQ6FPQM027&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:28:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rifa321.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 178ms
49ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQ6FPQM027&cid=960712842.1704054498&gtm=45je3bt0v9131091898z89134445933&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=618120696

Requested by

Host: rifa321.me
URL: https://rifa321.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:28:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 954592318504175 Show response
connect.facebook.net/signals/config/ 140 KB
37 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/954592318504175?v=2.9.138&r=stable&domain=rifa321.me

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fb58c325beeb8518c134ef4f64e6ca2d8bd2439a9ab852f723f9c21638087b8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 31 Dec 2023 20:28:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37076
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: qM0Mi6JSlV/cd+EMy1XUzl3MBM7hswZH/4TSVspBcVD1gcTXytWPZEZ5qxo0ughq46+lNQe1opOZQfXgiNjsIg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5FF2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

48ms
47ms

XHR
application/json

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1ywiv-gSWzE

Protocol

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a06581dc795054d2b4a6f6830fda23ceb2d1c634570cbd6ddadae869873170f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 31 Dec 2023 20:28:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5FF2 29 B
495 B 126ms
40ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:21:11 GMT
x-content-type-options: nosniff
age: 427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 31 Dec 2023 20:36:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 148ms
46ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 31 Dec 2023 20:28:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5FF2 87 KB
40 KB 58ms
56ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a021c5fa509a934da035e665267b8ed55e8773dbc02b472ee036b53d7af9c49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 31 Dec 2023 20:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41034
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 5FF2 116 KB
33 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1ywiv-gSWzE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:24:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 561843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Dec 2024 08:24:15 GMT

GET
H2 200 q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js Show response
www.google.com/js/th/ Frame 5FF2 51 KB
20 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 13:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19841
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Dec 2024 13:10:10 GMT

GET
H2 200 maxres2.jpg
i.ytimg.com/vi/1ywiv-gSWzE/ Frame 5FF2 46 KB
47 KB 236ms
149ms Image
image/jpeg 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/1ywiv-gSWzE/maxres2.jpg?sqp=-oaymwEoCIAKENAF8quKqQMcGADwAQH4AbYIgAKAD4oCDAgAEAEYfyAkKBUwDw==&rs=AOn4CLChLmuJFZEDr9DaJP3RGzJZW4sIEA

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1ywiv-gSWzE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de479678a25c1aff04b851cbf47c8b8f47a03f5b755ad7ee4e5a67108e66dfb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47489
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 31 Dec 2023 22:28:18 GMT

GET
DATA 200
OK truncated
/ Frame 5FF2 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1FhkjpeAvVQnYg4nhoIHJR3gwuuubnLsME9FNXst1nlPU91K19uogQtE6k5JgHjAjRBSeEc0xA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 5FF2 2 KB
3 KB 132ms
39ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/1FhkjpeAvVQnYg4nhoIHJR3gwuuubnLsME9FNXst1nlPU91K19uogQtE6k5JgHjAjRBSeEc0xA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1ywiv-gSWzE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

332d5a502608ae7991afbc288c70911f59c1a8f44c292c6f586d005856e20e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 18:09:59 GMT
x-content-type-options: nosniff
age: 8299
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2491
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Jan 2024 18:09:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 130ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=954592318504175&ev=PageView&dl=https%3A%2F%2Frifa321.me%2F&rl=&if=false&ts=1704054498261&sw=1600&sh=1200&ud[cn]=885036a0da3dff3c3e05bc79bf49382b12bc5098514ed57ce0875aba1aa2c40d&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1704054498258.1911570916&cs_est=true&ler=empty&it=1704054498085&coo=false&eid=1704054683257_17040550718171&tm=1&rqm=GET

Requested by

Host: rifa321.me
URL: https://rifa321.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 31 Dec 2023 20:28:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5FF2 4 KB
2 KB 137ms
50ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:28:18 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 5FF2 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?XnHcQg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/1ywiv-gSWzE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1ywiv-gSWzE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 31 Dec 2023 20:28:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5FF2 90 B
134 B 50ms
50ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db26427e623e5730624b9902954a667fda8de921fb7510ba40967b8184439bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 31 Dec 2023 20:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 collect Show response
server.rifa321.me/g/ 65 B
592 B 987ms
436ms XHR
text/plain 35.198.36.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://server.rifa321.me/g/collect?v=2&tid=G-DQ6FPQM027&gtm=45je3bt0v9131091898z89134445933&_p=1704054497540&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=960712842.1704054498&ul=en-us&sr=1600x1200&_fplc=0&ur=DE-HB&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=11l1l1l1l1&sst.tft=1704054497540&_s=2&sid=1704054497&sct=1&seg=1&dl=https%3A%2F%2Frifa321.me%2F&dt=Rifa%20321%20-%20Sua%20campanha%20em%20minutos&en=page_view&ep.event_id=1704054683257_17040550718171&_et=3&ep.user_data.address.country=br&tfd=1986&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQ6FPQM027&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.198.36.195 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

195.36.198.35.bc.googleusercontent.com

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rifa321.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:28:19 GMT
x-content-type-options: nosniff
content-type: text/plain
access-control-allow-origin: https://rifa321.me
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-accel-buffering: no

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 5FF2 50 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 12:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 01 Jan 2024 12:40:19 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5FF2 28 B
54 B 57ms
54ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time: 1704054500605
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1ywiv-gSWzE
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtmY2x0b1hGbTduYyjhncesBjIKCgJERRIEEgAgGQ%3D%3D
X-YouTube-Ad-Signals: dt=1704054497980&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C540&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 31 Dec 2023 20:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 31 Dec 2023 20:28:20 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rifa321.me/	1970-01-20 17:21:01	Name: sess_rifas Value: pfogt71mkp0jjjlddltumrqk5502m1tn
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 65nXG7wvEi0
.youtube.com/	1970-01-20 21:40:06	Name: VISITOR_INFO1_LIVE Value: fcltoXFm7nc
.rifa321.me/	1970-01-21 02:56:54	Name: _ga Value: GA1.1.960712842.1704054498
.rifa321.me/	1970-01-21 02:56:54	Name: _ga_DQ6FPQM027 Value: GS1.1.1704054497.1.1.1704054497.60.0.0
.rifa321.me/	1970-01-20 19:30:30	Name: _fbp Value: fb.1.1704054498258.1911570916
.rifa321.me/	1970-01-21 02:56:54	Name: FPID Value: FPID2.2.9Mx8nV8kARLblv1YtPKxaqeoV0OoSDasc%2F0m%2BvYx3fg%3D.1704054498
.rifa321.me/	1970-01-20 17:22:06	Name: FPLC Value: ohIpZbycdKCXufQqi4vqfgvPH78Xnw7YPy6S589RVwmJ3xMBRB%2BY38Re8vT%2FgjplW5%2Fh9m%2BEhKFjkRDvHEnYkKDrBiTGNpVEZsLw4%2FoLI1%2FXtWh3fYYhYLZE%2FIJYdQ%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://rifa321.me/(Line 75) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
region1.analytics.google.com
rifa321.me
server.rifa321.me
static.doubleclick.net
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
2001:4860:4802:32::36
2606:4700:20::ac43:4897
2a00:1450:4001:803::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2016
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2006
2a00:1450:4001:828::2008
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
35.198.36.195
011caf5488904a29b6091721fb51e33df5b61e9d13438d76402682f2a5d13947
2454118e90bd1b663ac8e9ae87fed3fa0a59f22579c7946da6a70018b478bea0
2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa
332d5a502608ae7991afbc288c70911f59c1a8f44c292c6f586d005856e20e78
3d5fc049875bf2d15920cf074b0cf9b86f93d64083f67988b2df29b847030ce0
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
466c1aa5932826a68d7cec842f3e8263bfb4a16eaf15b95c65c0232d12d6558c
4cf179f4c924782d20118bc10acaf314cc1dfc4cc9d4a6654c6ff93ab1b04951
5528382f2c69bdb69e3774d43f958830a96a4e566baae2d149f2dedf0b3c2278
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bc82e24956e136980a176446f184cd1f9a207a0b3cf5d206d976c9a64823559
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6f8619450311ac1b74f23933aeb6c7d46e4420cc852755e66c6606c83dcc69df
7317f6b95876fc3647f1ff17fb969fa66656963ff27cc7bca009d3bca549500e
82c33cd09826d2990b1741a21692595b7d9ad324ea7e10080b90aef229d37c15
83678c585f9297979b829d7db6ffe9837b14a4a1f90193af23ea822aee8b6c8b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
94eb9ffaf69873a4bfbc51c0fee2cd93888987ed8008538ef02a947cc3256966
9fb58c325beeb8518c134ef4f64e6ca2d8bd2439a9ab852f723f9c21638087b8
a021c5fa509a934da035e665267b8ed55e8773dbc02b472ee036b53d7af9c49e
a06581dc795054d2b4a6f6830fda23ceb2d1c634570cbd6ddadae869873170f5
ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5
abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4
aee943a664ebf101f6ff3b5d82ea8594ab303c7ad94d971149c9a5be5ca4af3c
af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615
c74bb77c5151a9bd468f98c8f833082a9afda3ded764570a5f2c535c384af0c6
c7635154185bc559b1235352f963fb67b1725241575eae252a8168907a782c25
d565622a0b589357f8774b61318e684669e18877f5e10afd8aca9c625673936d
d58daf523501f1fccc9f64074e0376efe715660ace44669ab909d59b39406455
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1
db26427e623e5730624b9902954a667fda8de921fb7510ba40967b8184439bad
dbd2f12d0cd6a286b22d437e1ee55ce8647a3f65e1aa026b67e5822bc02256bc
de479678a25c1aff04b851cbf47c8b8f47a03f5b755ad7ee4e5a67108e66dfb4
df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772
e2b17249ffeb5a403c867aa54591c179b8fb122eaa0faae0148b1557d41e3072
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08
e599312a27e9d1e00d809087e15422888e0455800b0fd05d7919a96135fc978a
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f68edb8b8f95ff01eb6bbb54983b52b423ddb743c25833e4ed7ab32e900a23b7

rifa321.me Open in urlscan Pro 2606:4700:20::ac43:4897 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

98 %HTTPS

94 %IPv6

12 Domains

18 Subdomains

19 IPs

4 Countries

1546 kBTransfer

4605 kBSize

8 Cookies

9 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rifa321.me Open in urlscan Pro
2606:4700:20::ac43:4897 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

98 %
HTTPS

94 %
IPv6

12
Domains

18
Subdomains

19
IPs

4
Countries

1546 kB
Transfer

4605 kB
Size

8
Cookies

50 HTTP transactions
1 data transactions