www.vivafoot.xyz Open in urlscan Pro
142.250.184.211 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vivafoot.xyz/p/free1.html
Effective URL:
https://www.vivafoot.xyz/p/free1.html
Submission: On August 31 via manual (August 31st 2024, 7:41:11 pm UTC) from PT — Scanned from PT

Summary HTTP 53 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 20 domains to perform 53 HTTP transactions. The main IP is 142.250.184.211, located in United States and belongs to GOOGLE, US. The main domain is www.vivafoot.xyz.
TLS certificate: Issued by WR3 on August 24th 2024. Valid for: 3 months.

This is the only time www.vivafoot.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
2	142.250.184.211 142.250.184.211	15169 (GOOGLE) (GOOGLE)
6	142.250.186.73 142.250.186.73	15169 (GOOGLE) (GOOGLE)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
2	172.240.127.234 172.240.127.234	7979 (SERVERS-COM) (SERVERS-COM)
4	172.64.152.106 172.64.152.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
9	3.160.150.40 3.160.150.40	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
2	104.21.91.188 104.21.91.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
1	104.21.8.108 104.21.8.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.152.191 172.64.152.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
1	64.233.184.157 64.233.184.157	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
3	104.18.35.150 104.18.35.150	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.153.183 172.64.153.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.124.222.217 3.124.222.217	16509 (AMAZON-02) (AMAZON-02)
53	24

1 216.239.34.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

vivafoot.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.211 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f19.1e100.net

www.vivafoot.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.73 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

acscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.240.127.234 (United States)

ASN7979 (SERVERS-COM, US)

ghostsinstance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.152.106 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.160.150.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-40.fra60.r.cloudfront.net

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.91.188 (None, )

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.8.108 (None, )

ASN13335 (CLOUDFLARENET, US)

pubtrky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.191 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

www.google.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.35.150 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.183 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.222.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-222-217.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 5576 api.cmp.inmobi.com — Cisco Umbrella Rank: 20183	243 KB
7	adskeeper.com jsc.adskeeper.com — Cisco Umbrella Rank: 29671 c.adskeeper.com — Cisco Umbrella Rank: 21004 servicer.adskeeper.com — Cisco Umbrella Rank: 28213 s-img.adskeeper.com — Cisco Umbrella Rank: 19154 cm.adskeeper.com — Cisco Umbrella Rank: 30456	161 KB
6	blogger.com www.blogger.com — Cisco Umbrella Rank: 9911	66 KB
3	acscdn.com acscdn.com — Cisco Umbrella Rank: 35241	86 KB
3	vivafoot.xyz 1 redirects vivafoot.xyz www.vivafoot.xyz	33 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481	247 B
2	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 20689
2	gstatic.com fonts.gstatic.com	43 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	ghostsinstance.com ghostsinstance.com — Cisco Umbrella Rank: 743853
2	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 7953 themes.googleusercontent.com — Cisco Umbrella Rank: 21202	58 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	194 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 10088	396 KB
1	google.co.in www.google.co.in — Cisco Umbrella Rank: 12557	63 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 238
1	adskeeper.co.uk cdn.adskeeper.co.uk — Cisco Umbrella Rank: 29561	1 KB
1	pubtrky.com pubtrky.com — Cisco Umbrella Rank: 22393	425 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	93 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832	11 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	27 KB
53	20

	Domain	Requested by
9	cmp.inmobi.com	www.vivafoot.xyz cmp.inmobi.com
6	www.blogger.com	www.vivafoot.xyz www.blogger.com
3	s-img.adskeeper.com	www.vivafoot.xyz
3	acscdn.com	www.vivafoot.xyz acscdn.com
2	youradexchange.com	acscdn.com
2	fonts.gstatic.com	www.vivafoot.xyz
2	www.google-analytics.com	www.vivafoot.xyz www.google-analytics.com
2	ghostsinstance.com	www.vivafoot.xyz
2	pagead2.googlesyndication.com	www.vivafoot.xyz pagead2.googlesyndication.com
2	www.vivafoot.xyz
1	api.cmp.inmobi.com	cmp.inmobi.com
1	cm.adskeeper.com	jsc.adskeeper.com
1	cl.imghosts.com	www.vivafoot.xyz
1	www.google.co.in	www.vivafoot.xyz
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	servicer.adskeeper.com	jsc.adskeeper.com
1	cdn.adskeeper.co.uk	www.vivafoot.xyz
1	c.adskeeper.com	www.vivafoot.xyz
1	pubtrky.com	acscdn.com
1	www.googletagmanager.com	www.google-analytics.com
1	themes.googleusercontent.com	www.vivafoot.xyz
1	jsc.adskeeper.com	www.vivafoot.xyz
1	blogger.googleusercontent.com	www.vivafoot.xyz
1	maxcdn.bootstrapcdn.com	www.vivafoot.xyz
1	cdnjs.cloudflare.com	www.vivafoot.xyz
1	vivafoot.xyz	1 redirects
53	28

This site contains links to these domains. Also see Links.

Domain
x.com
www.blogger.com
youradexchange.com

Subject Issuer	Validity	Valid
www.vivafoot.xyz WR3	`2024-08-24` - `2024-11-22`	3 months	crt.sh
*.blogger.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
acscdn.com WE1	`2024-08-23` - `2024-11-21`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
ghostsinstance.com R11	`2024-08-08` - `2024-11-06`	3 months	crt.sh
adskeeper.com WE1	`2024-07-22` - `2024-10-20`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2024-07-31` - `2025-07-31`	a year	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
youradexchange.com WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
pubtrky.com WE1	`2024-07-14` - `2024-10-12`	3 months	crt.sh
adskeeper.co.uk WE1	`2024-07-22` - `2024-10-20`	3 months	crt.sh
*.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.google.co.in WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
cl.imghosts.com Cloudflare Inc ECC CA-3	`2023-10-03` - `2024-10-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.vivafoot.xyz/p/free1.html
Frame ID: B781076427C239498700009903EAAA94
Requests: 49 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/1685533013709030970?pa=5410533048738283850&hl=fr&blogspotRpcToken=1587744
Frame ID: 9C192EF2EDC104AEDC90CAE4EF280E5F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-D59HPQQ9LN&gacid=1772937766.1725133267&gtm=45je48s0v9175034224za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=705428148
Frame ID: 5822619B727B46187E95C647A9267CBB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VIVA FOOT: FREE

Page URL History Show full URLs

http://vivafoot.xyz/p/free1.html HTTP 307
https://vivafoot.xyz/p/free1.html HTTP 301
https://www.vivafoot.xyz/p/free1.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

94 %
HTTPS

0 %
IPv6

20
Domains

28
Subdomains

24
IPs

4
Countries

1433 kB
Transfer

3922 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://x.com/lienmatch_1

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment/frame/1685533013709030970?pa=5410533048738283850&hl=fr&blogspotRpcToken=1587744

Search URL Search Domain Scan URL

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vivafoot.xyz/p/free1.html HTTP 307
https://vivafoot.xyz/p/free1.html HTTP 301
https://www.vivafoot.xyz/p/free1.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request free1.html Show response
www.vivafoot.xyz/p/
Redirect Chain

http://vivafoot.xyz/p/free1.html
https://vivafoot.xyz/p/free1.html
https://www.vivafoot.xyz/p/free1.html

179 KB
31 KB

415ms
206ms

Document
text/html

142.250.184.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vivafoot.xyz/p/free1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.211 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f19.1e100.net

Software

GSE /

Resource Hash

31b80827b0425e1be19c726c9fdb78d0e1c5fa29a81f93625284935f4ba0653a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 31435
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 19:41:06 GMT
etag: W/"d03d2141cabeaf0645d08ecfbf94b3731d3db6cfe015da6f83df23e133e254f7"
expires: Sat, 31 Aug 2024 19:41:06 GMT
last-modified: Sat, 31 Aug 2024 19:34:41 GMT
report-to: {"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

content-length: 234
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 19:41:06 GMT
location: https://www.vivafoot.xyz/p/free1.html
server: ghs
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 265ms
80ms Stylesheet
text/css 142.250.186.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f9.1e100.net

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 16:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7756
x-xss-protection: 0
last-modified: Sat, 31 Aug 2024 08:55:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 31 Aug 2025 16:50:37 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 265ms
99ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5446498181945957&host=ca-host-pub-1556223355139109

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e09bb27a60e23accb25c1e1a0ac408bc79c5132af7ed82533c62f4feac3a051d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
Origin: https://www.vivafoot.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52221
x-xss-protection: 0
server: cafe
etag: 8371103614032718734
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 31 Aug 2024 19:41:06 GMT

GET
H3 200 aclib.js Show response
acscdn.com/script/ 124 KB
40 KB 134ms
67ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/aclib.js
Requested by: Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 085f727ed707e4cf3177cdd33747bf8ae71584d8cfd35cc92db0e4b16a4e34ff

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2253
x-guploader-uploadid: AHxI1nOvwO1UsQe5p34iu3PAGrAy5leAM-j_RLeBO0NtdLAvLYtN-uKlQsPl86OMAOq3sf9gxmg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 28 Aug 2024 07:07:32 GMT
server: cloudflare
etag: W/"91182a3b4a3ee55049db24b492ec23fc"
vary: Accept-Encoding
x-goog-hash: crc32c=llEqmQ==, md5=kRgqO0o+5VBJ2yS0kuwj/A==
x-goog-generation: 1724828852048111
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMiarl4wNC92ZJujwfaZRBN9WRadLZwa8fIYyKHgQxahmDmJWq%2BGh99bTqTTnwHXY47BublvEcOQVZ%2BDi3LYjBYXma8rrvvZ8R93gwpggrYECO9xuxEJHiJwxWuk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 126653
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray: 8bbf7f04aec2c902-MAD
expires: Sat, 31 Aug 2024 19:35:19 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 115ms
57ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 408745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbaagv%2BZtRBitq%2BHjmvSAbcJp1dQimsCnyHresP6420grrH2aqQD374G9K1PraSqGnQ6toIhTSb0cT%2BbyDwLnJS18cHknc3HtZASl9VCTIbMAf9c5Mj3WyLXNovgps6yynvYEHkH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bbf7f049e9803e6-LIS
expires: Thu, 21 Aug 2025 19:41:06 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/ 35 KB
11 KB 131ms
72ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1187
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10527412
cdn-cachedat: 11/26/2023 18:54:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"046ba2b5f4cff7d2eaaa1af55caa9fd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 82fddf8936afb82f5ca3f3cc3de8bd1d
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 8bbf7f049ece7859-LIS
cdn-requestpullsuccess: True

GET
H2 200 Twitter_and_X_logos.svg.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5tHaifRZwxeJNHsmjeGdKveXPiK-n66CnDrmed94jOi_Q2_ls4it_pZmdXDt9ERIowMEGY5JOljsZZdSR6Yx6lrey5ZNPmtNRJbsOMn1LpcYmsX8JouqLW2JroDOU51qXxeIvLsbmQ10ADAUp... 5 KB
5 KB 441ms
265ms Image
image/png 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5tHaifRZwxeJNHsmjeGdKveXPiK-n66CnDrmed94jOi_Q2_ls4it_pZmdXDt9ERIowMEGY5JOljsZZdSR6Yx6lrey5ZNPmtNRJbsOMn1LpcYmsX8JouqLW2JroDOU51qXxeIvLsbmQ10ADAUppQcZ7ebpZf-Up-fQAwOHvfl8DVk59_-jXGnT3k-3H0I/w190-h200/Twitter_and_X_logos.svg.png

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

275ca48aa1a018242b49a4d059a7bca1dc604395e74d8a3725e4c80a41d3f2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v3b"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Twitter_and_X_logos.svg.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4801
x-xss-protection: 0
expires: Sun, 01 Sep 2024 19:41:07 GMT

GET
H2 200 1466990918-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 17 KB
7 KB 228ms
88ms Script
text/javascript 142.250.186.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/1466990918-comment_from_post_iframe.js

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f9.1e100.net

Software

sffe /

Resource Hash

6a0af73d8aca10ba21b96c1a708c2effd53397bcb7797092280089818d640cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 21:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6748
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 19:57:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 30 Aug 2025 21:42:06 GMT

GET
H/1.1 403
Forbidden invoke.js
ghostsinstance.com/9a1ef647c987b4132e3bd002b86291f2/ 0
0 464ms
150ms Script
application/javascript 172.240.127.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostsinstance.com/9a1ef647c987b4132e3bd002b86291f2/invoke.js
Requested by: Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 19:41:06 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: ghostsinstance.com
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
ghostsinstance.com/2fb3017ee5eb60e9bed80038884f021c/ 0
0 387ms
148ms Script
application/javascript 172.240.127.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostsinstance.com/2fb3017ee5eb60e9bed80038884f021c/invoke.js
Requested by: Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 19:41:07 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: ghostsinstance.com
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 875284.js Show response
jsc.adskeeper.com/site/ 426 KB
115 KB 122ms
64ms Script
text/javascript 172.64.152.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/site/875284.js
Requested by: Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 555d023c6abea42f2aced51403cc0b18177a42ec02c2983cb09721afbe71d95c

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:06 GMT
content-encoding: gzip
x-amz-version-id: NtH1eGONIhUNvsPDQfyIQB4jL1BfXeOr
cf-cache-status: HIT
x-amz-request-id: MWFQEC4GVX74BKPZ
age: 2101
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 117638
x-amz-id-2: 4Kv2EkXGLf0C+hvVmC9PI4wsmBBbngUDflXPa4Mtwz+xgVccxDJCR2inY2s8pz1Gjtmofrl8lIk=
last-modified: Thu, 29 Aug 2024 10:41:29 GMT
x-cntry: PT
server: cloudflare
etag: "cf44b958e29f223e1f5bac8699f3986c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8bbf7f060e996935-LIS
expires: Sat, 31 Aug 2024 23:41:06 GMT

GET
H2 200 2430006334-widgets.js Show response
www.blogger.com/static/v1/widgets/ 142 KB
50 KB 81ms
78ms Script
text/javascript 142.250.186.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2430006334-widgets.js

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f9.1e100.net

Software

sffe /

Resource Hash

19ac01ff785059f6e4cd94f3caa0193f48e19086f8a3d0484cb573f2d08b5b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 06:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51391
x-xss-protection: 0
last-modified: Thu, 29 Aug 2024 18:59:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 31 Aug 2025 06:03:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 261ms
81ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 19:20:02 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1265
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 31 Aug 2024 21:20:02 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 184ms
183ms Stylesheet
text/css 142.250.186.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1685533013709030970&zx=d5ac9351-1c9c-44ce-991d-dbd21d79597a

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sat, 31 Aug 2024 19:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 31 Aug 2024 19:41:06 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 choice.js Show response
cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 4 KB
2 KB 295ms
85ms Script
application/javascript 3.160.150.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V3
Requested by: Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abc4c24f7cdeabcfa58f96fb120ba7fd52263fe7e3394d24db1ec7ecaee8cc45

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:00 GMT
content-encoding: br
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
last-modified: Mon, 01 Jul 2024 09:12:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 27
x-amz-server-side-encryption: AES256
etag: W/"2f952b6e5c723f68a451eda821ff0ce5"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: cHdl2xhIRo3rmO9MRT8g6Mvyp7OFPh3z-KgsznLlEvldDPKa7dtv6Q==

GET
H2 200 image
themes.googleusercontent.com/ 52 KB
53 KB 295ms
114ms Image
image/png 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNzE5NTg3YzUtMGU0Mi00OWQ3LTg2NjUtODk1OGVlMjg1YjZj

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

60cf0e05cd8787a97f0a7243d3c745f79fe6d4f5ecfa3f53fb701c2f0926aade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53665
x-xss-protection: 0
expires: Sun, 01 Sep 2024 19:41:07 GMT

GET
H3 200 ut.js Show response
acscdn.com/script/ 62 KB
23 KB 64ms
64ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/ut.js?cb=1725133266831
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0deb5082ddbcd905a8d9fff21cf5dfd1afdac4744f149a4db2801af971850390

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2281
x-guploader-uploadid: AHxI1nNxOIKASkQhiEVwuhUqemuvraDE8W3OkTZMZvubWVveWij7aS9_AaYnXoX93mgcx9d313U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 24 Jul 2024 11:41:54 GMT
server: cloudflare
etag: W/"e7bb8a3e002fb7cbc1b3ca32b73e6ac5"
vary: Accept-Encoding
x-goog-hash: crc32c=IaaDjg==, md5=57uKPgAvt8vBs8oytz5qxQ==
x-goog-generation: 1721821314858390
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pMNXEE3ENbnMAzAZ%2FbzgHbT%2BA5Vecw4ODGkElSWQ%2BVQLGXHsZqk28kU%2FKRnd2Z5O2IkVcNh8qgbVeGaein5LKRwyYn1QjU2Kur%2BALCfFbDwyNDuY6S9LflQA3tiX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 63280
cf-ray: 8bbf7f05d880c902-MAD
expires: Sat, 31 Aug 2024 19:46:38 GMT

GET
H3 200 banner.js Show response
acscdn.com/script/ 64 KB
23 KB 105ms
105ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/banner.js
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f2ee4a81bc6cd16817dce77969c0da376217ddf34549b59d453fa1af7184f0c

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2057
x-guploader-uploadid: AHxI1nMlYgvbzWJzrSUTIpMLTgMHjoJyB66Em8A71X2qPvhPIzOM4aIw9hCVSrkC61y8X9D47uc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 28 Aug 2024 07:08:50 GMT
server: cloudflare
etag: W/"251c144a65148f8cd31bac54494e7540"
vary: Accept-Encoding
x-goog-hash: crc32c=6YiBPA==, md5=JRwUSmUUj4zTG6xUSU51QA==
x-goog-generation: 1724828930841527
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dnlDYW9dqSb0jPeo689sQDpdzOA7d4hR0QYBfgqjippajqM6wpY0qiapgBFVxEdJxMfFSKGoFDfIeLAzWYPhMQSFIAUkSgR52S9sZwzgcYrxWqgvW3uzic2xByx"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 65738
cf-ray: 8bbf7f05e890c902-MAD
expires: Sat, 31 Aug 2024 19:06:52 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v10/ 22 KB
22 KB 246ms
78ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
Origin: https://www.vivafoot.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 00:48:04 GMT
x-content-type-options: nosniff
age: 67983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22336
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:22:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 00:48:04 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v10/ 21 KB
21 KB 294ms
126ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
Origin: https://www.vivafoot.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 17:15:21 GMT
x-content-type-options: nosniff
age: 181546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21244
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:21:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 17:15:21 GMT

GET
H2 200 1685533013709030970
www.blogger.com/comment/frame/ Frame 9C19 0
0 320ms
157ms Document
text/html 142.250.186.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment/frame/1685533013709030970?pa=5410533048738283850&hl=fr&blogspotRpcToken=1587744

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/1466990918-comment_from_post_iframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f9.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8kAcZY8F3YEg-7uxA9DD0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8kAcZY8F3YEg-7uxA9DD0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 31 Aug 2024 19:41:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/BloggerCommentUi/web-reports?context=eJzjamDU4pJicNGQYqh138lUemUn0x2NXUyvgDiydBdTOhA7vbrJJNN7i-nxlFtMz9ufMX0DYomvL5nUgNgpfQZrABD71M9gjQLi1pvnWCcDse2t86xJ_86zFgDxD4-LrGyeF1mXRFxkPZB4kdVQ4RKrPRCr9lxiNQZiIW6Oy4_PbmMTWPH7sKuSUlJ-YXxSTn56empRaWZxalFZalG8kYGRiYGFkYWegVF8gQEAIO9I1w"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/ 428 KB
143 KB 266ms
111ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5446498181945957&host=ca-host-pub-1556223355139109

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a19431136adf4e750808c9f85d00fa05a93ca4908a3669fbdda4400ab0ac762c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146411
x-xss-protection: 0
server: cafe
etag: 5095886899283281146
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Aug 2024 19:41:07 GMT

GET
H3 204 banner.php
youradexchange.com/script/ 0
0 249ms
184ms Fetch 104.21.91.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/banner.php?r=8280830&cbpage=https%3A%2F%2Fwww.vivafoot.xyz%2Fp%2Ffree1.html&cbref=&cbdescription=&cbkeywords=&cbtitle=VIVA%20FOOT%3A%20FREE&srs=c0bbe930ea529541eb4ae1a211537b1b&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x12000pt-PT8824%20bits&atv=52.8
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/banner.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.91.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CL2QbdKZmWnPelBmQjs7hZwLfGozcUN%2BTBI%2FSARZvSxDt3IfJkuWsmO7YRkS2x1L1N%2FUnjyM2GdT%2Bcmfb5GlEWPPENKtY0mBEh9cAt4VkZ03vrcDTvP6WeDSDUxqvEDkFibgoOU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8bbf7f0709fbcbc6-MAD
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 183ms
183ms Stylesheet
text/css 142.250.186.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1685533013709030970&zx=d5ac9351-1c9c-44ce-991d-dbd21d79597a

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sat, 31 Aug 2024 19:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 31 Aug 2024 19:41:07 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 banner.php
youradexchange.com/script/ 0
0 216ms
216ms Fetch 104.21.91.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/banner.php?r=6890442&cbpage=https%3A%2F%2Fwww.vivafoot.xyz%2Fp%2Ffree1.html&cbref=&cbdescription=&cbkeywords=&cbtitle=VIVA%20FOOT%3A%20FREE&srs=c0bbe930ea529541eb4ae1a211537b1b&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x12000pt-PT8824%20bits&atv=52.8
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/banner.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.91.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aj5a3UBke0aTmCxMA6zifn9h7YNk1tmv54m0m6h1VvIzkyQ5iUpvjI4h4nYewBnSDiRyQI9aqgSZ5YIn2ZgZLCl%2B0vSAZerR%2FnYevdmeUYC3uLYxGReAeLbRRNRSXspQVxhHgO0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8bbf7f072a26cbc6-MAD
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/53/ 167 KB
47 KB 99ms
98ms Script
text/javascript 3.160.150.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:48:34 GMT
content-encoding: gzip
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 133608
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Mon, 03 Jun 2024 09:45:41 GMT
server: AmazonS3
etag: W/"db6c513b7a9d1bf38b36047c185655a2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: B7_mL7je0Zq8W9AJhpNLTC82HxsMb_-s0x-wf452WYb4ADQCUozxuw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 88ms
87ms XHR
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1552978817&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vivafoot.xyz%2Fp%2Ffree1.html&ul=pt-pt&de=UTF-8&dt=VIVA%20FOOT%3A%20FREE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1741507732&gjid=1594124488&cid=1772937766.1725133267&tid=UA-197225295-1&_gid=1977685849.1725133267&_r=1&_slc=1&z=521511917

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

ce29e97bc10c23fb20ec4878ba95c73e6edac3ded3469d697d9271e8017062ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 19:41:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vivafoot.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 74c74808-0d48-4586-8e4c-c64f244435db
https://www.vivafoot.xyz/ Frame 0
0

GET 46868706-c5f6-4401-a0f4-174f81cb9390
https://www.vivafoot.xyz/ Frame 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
93 KB 283ms
99ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D59HPQQ9LN&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

36501b2e19acc1d7c46553dc2f7990313ebd0b83f199addff357428c5be57c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 31 Aug 2024 19:41:07 GMT

GET
BLOB 206
Partial Content f28e3e87-756f-4dfd-9662-cc08a1245649
https://www.vivafoot.xyz/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.vivafoot.xyz/f28e3e87-756f-4dfd-9662-cc08a1245649
Requested by: Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

POST
H3 204 hb.php
pubtrky.com/ut/ 0
425 B 246ms
183ms Ping
text/plain 104.21.8.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pubtrky.com/ut/hb.php?cb=0.3014758588052371&v=1
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/ut.js?cb=1725133266831
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.8.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGNYjVD17zyUNXclVxioqDT9P%2Bqe9SX0pQ5LC0zx3wic5SGxkniVuiM9LLJXZ8MlH8waWQ0bC4wdH%2F8Y6mc%2Bz3a0fAKFf1%2FAvc5MPBRePs6eHHJkOmrg%2BEUOy1Pj%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8bbf7f08ee1d6617-MAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
c.adskeeper.com/pv/ 43 B
189 B 108ms
97ms Image
image/gif 172.64.152.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.adskeeper.com/pv/?lu=https%3A%2F%2Fwww.vivafoot.xyz%2Fp%2Ffree1.html&cbuster=1725133267250834016130&pvid=191a9f4a1318d1c195a&implVersion=17&cxurl=https%3A%2F%2Fwww.vivafoot.xyz%2Fp%2Ffree1.html&site=875284&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 8bbf7f088b2d6935-LIS
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 geoip Show response
cmp.inmobi.com/ 47 B
330 B 245ms
83ms XHR
application/json 3.160.150.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-40.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 57b59ca705037e9fa948ecbc290feb04fbbb2d3e99bbd46def0a5cd4e720e599

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
via: 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P7
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 47
x-amz-cf-id: usj2nsY7v6eJfKGmBKLQd95KHuI2plMtZEVQ2_-ESgCwCotrEfaocg==

GET
H3 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 140ms
79ms Image
image/svg+xml 172.64.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.152.191 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: XSXAZQ1BC46WBN6Z
age: 3734
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ds1DRHye4OGsEeU7/YicteARxbJcZgqg3EsNg4XwzCZVYA+6ssqy9XMH40XcxOcXDElNeaKQkzGr4CfGPX/H2Uj5VHlux9xChH47akWuqPA=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8bbf7f0a2ff594fe-LIS
expires: Sat, 31 Aug 2024 23:41:07 GMT

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 20 KB
4 KB 83ms
83ms XHR
application/json 3.160.150.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 454d974a43898b47566c0ba55390ed4399ec35702643c9d89b4e598a31bb2b0f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:00:44 GMT
content-encoding: br
via: 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 60024
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 31 Aug 2024 03:00:42 GMT
server: AmazonS3
etag: W/"5d356333662d51a926ebb5431b9d3ae6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: R867uf_mP2qoEKd0IJ1PvVGfKje1J0_EJhncxYU71x665b3cNd0Jbg==

GET
H3 200 1 Show response
servicer.adskeeper.com/1584715/ 5 KB
2 KB 126ms
116ms Script
application/x-javascript 172.64.152.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.adskeeper.com/1584715/1?tcfV2=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&w=1205&h=270&sz=287x227&szp=1,2,3,4&szl=1,2,3,4&cols=4&sessionId=66d371d4-024fc&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fwww.vivafoot.xyz%2Fp%2Ffree1.html&cbuster=1725133267574351496770&pvid=191a9f4a1318d1c195a&implVersion=17&cxurl=https%3A%2F%2Fwww.vivafoot.xyz%2Fp%2Ffree1.html&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&niet=4g&nisd=false&jsp=body&pv=5&lct=1724928060&jsv=es6&pageView=1&dpr=1&ref=&hashCommit=3970e690&tfre=995

Requested by

Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/site/875284.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39469315a3abc85b58922f2e4456bf91f56c88b762e31a809d46279b97dadf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8bbf7f0a8ea06935-LIS
alt-svc: h3=":443"; ma=86400

GET
H2 200 cmp2ui-fr.js Show response
cmp.inmobi.com/tcfv2/53/ 316 KB
80 KB 92ms
92ms Script
text/javascript 3.160.150.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-fr.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19c2a0dbced65d734b0201c1fe6176aeef55579563e1b140dca2625efdf3211d

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 05:49:40 GMT
content-encoding: gzip
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 138094
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Mon, 03 Jun 2024 09:45:49 GMT
server: AmazonS3
etag: W/"02e7e5ce265ec7dd395c033664675894"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: napyoqsswJJhE8XZ4PSO4MJcebWkUNogk_pmBPkoiA3bDOQd6PsMfw==

POST
H2 204 collect
analytics.google.com/g/ 0
0 314ms
112ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-D59HPQQ9LN&gtm=45je48s0v9175034224za200&_p=1725133267216&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tcfd=10000&tag_exp=0&ul=pt-pt&sr=1600x1200&cid=1772937766.1725133267&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.vivafoot.xyz%2Fp%2Ffree1.html&dt=VIVA%20FOOT%3A%20FREE&sid=1725133267&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1830
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D59HPQQ9LN&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 19:41:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vivafoot.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 252ms
80ms Ping
text/plain 64.233.184.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D59HPQQ9LN&cid=1772937766.1725133267&gtm=45je48s0v9175034224za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D59HPQQ9LN&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.184.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wa-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 19:41:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vivafoot.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 5822 0
0 265ms
90ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-D59HPQQ9LN&gacid=1772937766.1725133267&gtm=45je48s0v9175034224za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=705428148

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D59HPQQ9LN&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Aug 2024 19:41:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 602 KB
68 KB 100ms
98ms XHR
application/json 3.160.150.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca059b9eb3c7cdb78e7b501426a95e08446ad39c0534e222eed097c050471a71

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 23:59:23 GMT
content-encoding: br
via: 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 70904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Aug 2024 23:59:21 GMT
server: AmazonS3
etag: W/"5b2c5136af30114188f728f0a828c1bb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: J11kARYC25PUGv5jsLdmUPvcmVcxPchWCQpEoZEB_2T6dzVAkDeH-w==

GET
H3 200 ga-audiences
www.google.co.in/ads/ 42 B
63 B 247ms
146ms Image
image/gif 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.in/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D59HPQQ9LN&cid=1772937766.1725133267&gtm=45je48s0v9175034224za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=756294678

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 19:41:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 141 KB
33 KB 174ms
173ms XHR
application/json 3.160.150.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6080c9023efcbab1934db51d42069a005147b8739e756aa8ee8f73546d1faff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:00:26 GMT
content-encoding: br
via: 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 60042
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 31 Aug 2024 03:00:24 GMT
server: AmazonS3
etag: W/"73d2f10a7d56ba014ad81385e4631616"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: OslPH4WR79-qEU4l2zh_xkamD2_xYjSr77mnCznX_l30ZonL4t1NZg==

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzMxNDcyMi80Mjg5N2EwNzdhZTQzYzFiM...
s-img.adskeeper.com/g/9924791/492x328/-/ 14 KB
15 KB 185ms
81ms Image
image/webp 104.18.35.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/9924791/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzMxNDcyMi80Mjg5N2EwNzdhZTQzYzFiMzM0MDhmYmUxNzY2OWZhOS5qcGc.webp?v=1725133267-PXV-klA3Yaoq_FehmiK6jD1pubiSI1m-cLfJMbeKhRA
Requested by: Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4102fd24455c86513911ef073bf653da50c7f97e432856ec22e9a00da88248d

Request headers

Referer: https://www.vivafoot.xyz/
Origin: https://www.vivafoot.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
cf-cache-status: HIT
last-modified: Mon, 20 Nov 2023 21:44:43 GMT
x-mg-request-uuid: ce5b31f9-1a96-4260-b7dd-d2094912e0f7
server: cloudflare
age: 7976882
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8bbf7f0bfb6f94ee-LIS
content-length: 14750
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTA4LzY3Mjk1NS84NWFiN...
s-img.adskeeper.com/g/20282218/492x328/-/ 17 KB
17 KB 196ms
93ms Image
image/webp 104.18.35.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/20282218/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTA4LzY3Mjk1NS84NWFiNTk4MDhiMTVhMzdjOTZkNjM5OWM1OTMxYmFhNi5qcGc.webp?v=1725133267-Z2Kdt8Q-iisvy_2vtV0vE7FrtXkdAN8qFPHKd5FY0tw
Requested by: Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7afe678686379877d1a632b28a90a174f3990488468302371a9b900bcd0b4948

Request headers

Referer: https://www.vivafoot.xyz/
Origin: https://www.vivafoot.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Aug 2024 21:54:17 GMT
x-mg-request-uuid: 1fa9fdfd-c90b-4d57-9e8e-7b22daca60db
server: cloudflare
age: 802411
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8bbf7f0bfb6a94ee-LIS
content-length: 17138
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTA3LzY3Mjk1NS83MDlhM...
s-img.adskeeper.com/g/20093637/492x328/-/ 11 KB
12 KB 239ms
136ms Image
image/webp 104.18.35.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/20093637/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTA3LzY3Mjk1NS83MDlhMjY1Y2IxOGJlNmNlNDM2N2RjZjVkMzk1OGI2Ni5qcGc.webp?v=1725133267-4EvAbbOp2-4OWGDRbDvvV9CjS6j3sdqp_vCXl5sxy2s
Requested by: Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7158b578f267867af4f3c793e218f31cf446abc52afa4e9b00faa00f8bf7bf7c

Request headers

Referer: https://www.vivafoot.xyz/
Origin: https://www.vivafoot.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 15:16:39 GMT
x-mg-request-uuid: 558d95e1-bb12-4e0c-a355-a1c2eb4bd9fb
server: cloudflare
age: 802416
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8bbf7f0bfb7194ee-LIS
content-length: 11722
alt-svc: h3=":443"; ma=86400

GET
H3 206 2fe19d6de0a84a2dd3467cd19988b384.mp4
cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2024-08/101924/ 395 KB
396 KB 142ms
79ms Media
video/mp4 172.64.153.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2024-08/101924/2fe19d6de0a84a2dd3467cd19988b384.mp4?v=1725133267-Oaliii8RIRxh1zO8W-cuBV93BrVnhFsnRbOQXtKM6Qo

Requested by

Host: www.vivafoot.xyz
URL: https://www.vivafoot.xyz/p/free1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.153.183 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

546a54aefce8818d79bf1b26a0bfd20a0a5aea5e1f666270eaee6c73f4a6624f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vivafoot.xyz/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 774348
Content-Range: bytes 0-404474/404475
server-timing: cld-cloudflare;mitm=c;dur=131;start=2024-08-22T20:35:19.014Z;desc=miss,content-info;desc="width=680,height=452,abps=73989,fps=60.0,du=5.467,vc="h264",bytes=404475,owidth=960,oheight=540,oabps=337951,ofps=60.0,odu=5.467,ovc="h264",obytes=1847466,oformat="mp4",ef=(18,61,65);";cloudinary;dur=88;start=2024-08-22T20:35:19.053Z
alt-svc: h3=":443"; ma=86400
Content-Length: 404475
x-request-id: fd735374758b922dcdaa4c2638bdd559
last-modified: Thu, 22 Aug 2024 17:52:17 GMT
server: cloudflare
etag: "2d4e23401eda98cba785f4febfcff9a5"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 8bbf7f0bb8a86935-LIS

GET
H3 200 i.js Show response
cm.adskeeper.com/ 0
181 B 187ms
172ms Script
application/javascript 172.64.152.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.adskeeper.com/i.js?cbuster=1725133267718341095295

Requested by

Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/site/875284.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 19:41:07 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8bbf7f0b78506935-LIS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 292ms
85ms XHR
text/plain 3.124.222.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22www.vivafoot.xyz%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22g23Zx69rwtzD4Hmc12rszw%22%2C%22tagVersion%22%3A%22V3%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1725133267781%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-erabtthwik8lwgsttqg0%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-fr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.124.222.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-222-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 31 Aug 2024 19:41:08 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 geoip Show response
cmp.inmobi.com/ 47 B
330 B 83ms
82ms XHR
application/json 3.160.150.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-fr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-40.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 57b59ca705037e9fa948ecbc290feb04fbbb2d3e99bbd46def0a5cd4e720e599

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:07 GMT
via: 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P7
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 47
x-amz-cf-id: q8FvCFuaD2eUUIlctboUxNRfSVc1rYT_O8xWg4x2LqXE1omzfGDBJA==

GET
H2 200 purposes-fr.json Show response
cmp.inmobi.com/GVL-v3/ 53 KB
9 KB 84ms
84ms XHR
application/json 3.160.150.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/purposes-fr.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a01ad672ecd1770e810e147599af0a96c03110746061dc17ecec39ab4fdc665

Request headers

Referer: https://www.vivafoot.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 23:59:24 GMT
content-encoding: br
via: 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 70904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Aug 2024 23:59:20 GMT
server: AmazonS3
etag: W/"20373c41829183f5a198b05aa4896016"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: _6ofyZnXqu1IUEZPx0JFrQ6DEELbyA6dD9fxJcrZlMcd37VYi10IXw==

GET
H2 200 favicon.ico
www.vivafoot.xyz/ 9 KB
2 KB 205ms
204ms Other
image/x-icon 142.250.184.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vivafoot.xyz/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.211 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f19.1e100.net

Software

GSE /

Resource Hash

e73a65db527cca38430e8a3dc2a98776b823528ca4bb5df10494395f3fd0611c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vivafoot.xyz/p/free1.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 31 Aug 2024 19:34:41 GMT
server: GSE
etag: W/"d03d2141cabeaf0645d08ecfbf94b3731d3db6cfe015da6f83df23e133e254f7"
content-type: image/x-icon
cache-control: private, max-age=86400
content-length: 1549
x-xss-protection: 1; mode=block
expires: Sat, 31 Aug 2024 19:41:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.vivafoot.xyz
URL: blob:https://www.vivafoot.xyz/74c74808-0d48-4586-8e4c-c64f244435db

Domain: www.vivafoot.xyz
URL: blob:https://www.vivafoot.xyz/46868706-c5f6-4401-a0f4-174f81cb9390

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vivafoot.xyz/	1970-01-21 08:48:13	Name: _ga Value: GA1.2.1772937766.1725133267
.vivafoot.xyz/	1970-01-20 23:13:39	Name: _gid Value: GA1.2.1977685849.1725133267
.vivafoot.xyz/	1970-01-20 23:12:13	Name: _gat_blogger Value: 1
.www.vivafoot.xyz/	1970-01-21 08:33:49	Name: usprivacy Value: 1N--
.vivafoot.xyz/	1970-01-21 08:48:13	Name: _ga_D59HPQQ9LN Value: GS1.2.1725133267.1.0.1725133267.60.0.0
www.vivafoot.xyz/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1584715%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221725133267706%22%7D%7D
.doubleclick.net/	1970-01-20 23:12:14	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ghostsinstance.com/9a1ef647c987b4132e3bd002b86291f2/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://ghostsinstance.com/2fb3017ee5eb60e9bed80038884f021c/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acscdn.com
analytics.google.com
api.cmp.inmobi.com
blogger.googleusercontent.com
c.adskeeper.com
cdn.adskeeper.co.uk
cdnjs.cloudflare.com
cl.imghosts.com
cm.adskeeper.com
cmp.inmobi.com
fonts.gstatic.com
ghostsinstance.com
jsc.adskeeper.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pubtrky.com
s-img.adskeeper.com
servicer.adskeeper.com
stats.g.doubleclick.net
td.doubleclick.net
themes.googleusercontent.com
vivafoot.xyz
www.blogger.com
www.google-analytics.com
www.google.co.in
www.googletagmanager.com
www.vivafoot.xyz
youradexchange.com
www.vivafoot.xyz
104.17.24.14
104.18.10.207
104.18.35.150
104.21.8.108
104.21.91.188
142.250.184.195
142.250.184.211
142.250.185.194
142.250.185.225
142.250.185.227
142.250.185.238
142.250.186.73
172.217.16.200
172.240.127.234
172.64.152.106
172.64.152.191
172.64.153.183
188.114.97.3
216.239.34.21
216.239.36.181
216.58.206.34
3.124.222.217
3.160.150.40
64.233.184.157
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
085f727ed707e4cf3177cdd33747bf8ae71584d8cfd35cc92db0e4b16a4e34ff
0deb5082ddbcd905a8d9fff21cf5dfd1afdac4744f149a4db2801af971850390
19ac01ff785059f6e4cd94f3caa0193f48e19086f8a3d0484cb573f2d08b5b23
19c2a0dbced65d734b0201c1fe6176aeef55579563e1b140dca2625efdf3211d
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
275ca48aa1a018242b49a4d059a7bca1dc604395e74d8a3725e4c80a41d3f2aa
31b80827b0425e1be19c726c9fdb78d0e1c5fa29a81f93625284935f4ba0653a
36501b2e19acc1d7c46553dc2f7990313ebd0b83f199addff357428c5be57c55
39469315a3abc85b58922f2e4456bf91f56c88b762e31a809d46279b97dadf49
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
454d974a43898b47566c0ba55390ed4399ec35702643c9d89b4e598a31bb2b0f
546a54aefce8818d79bf1b26a0bfd20a0a5aea5e1f666270eaee6c73f4a6624f
555d023c6abea42f2aced51403cc0b18177a42ec02c2983cb09721afbe71d95c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57b59ca705037e9fa948ecbc290feb04fbbb2d3e99bbd46def0a5cd4e720e599
5a01ad672ecd1770e810e147599af0a96c03110746061dc17ecec39ab4fdc665
60cf0e05cd8787a97f0a7243d3c745f79fe6d4f5ecfa3f53fb701c2f0926aade
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6a0af73d8aca10ba21b96c1a708c2effd53397bcb7797092280089818d640cb3
7158b578f267867af4f3c793e218f31cf446abc52afa4e9b00faa00f8bf7bf7c
7afe678686379877d1a632b28a90a174f3990488468302371a9b900bcd0b4948
8f2ee4a81bc6cd16817dce77969c0da376217ddf34549b59d453fa1af7184f0c
92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219
a19431136adf4e750808c9f85d00fa05a93ca4908a3669fbdda4400ab0ac762c
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abc4c24f7cdeabcfa58f96fb120ba7fd52263fe7e3394d24db1ec7ecaee8cc45
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
ca059b9eb3c7cdb78e7b501426a95e08446ad39c0534e222eed097c050471a71
ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55
ce29e97bc10c23fb20ec4878ba95c73e6edac3ded3469d697d9271e8017062ff
d4102fd24455c86513911ef073bf653da50c7f97e432856ec22e9a00da88248d
d6080c9023efcbab1934db51d42069a005147b8739e756aa8ee8f73546d1faff
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e09bb27a60e23accb25c1e1a0ac408bc79c5132af7ed82533c62f4feac3a051d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73a65db527cca38430e8a3dc2a98776b823528ca4bb5df10494395f3fd0611c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

www.vivafoot.xyz Open in urlscan Pro 142.250.184.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

94 %HTTPS

0 %IPv6

20 Domains

28 Subdomains

24 IPs

4 Countries

1433 kBTransfer

3922 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.vivafoot.xyz Open in urlscan Pro
142.250.184.211 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

94 %
HTTPS

0 %
IPv6

20
Domains

28
Subdomains

24
IPs

4
Countries

1433 kB
Transfer

3922 kB
Size

7
Cookies

53 HTTP transactions
0 data transactions