urlscan.io logo urlscan.io
SecurityTrails logo

www.fifacm.com Open in urlscan Pro
2606:4700::6812:1a44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.fifacm.com/
Effective URL: https://www.fifacm.com/
Submission: On April 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 3 countries across 17 domains to perform 54 HTTP transactions. The main IP is 2606:4700::6812:1a44, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fifacm.com. The Cisco Umbrella rank of the primary domain is 862006.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 20th 2023. Valid for: a year.
This is the only time www.fifacm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 13.32.121.72 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.194 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.101.131.42 54113 (FASTLY)
2 104.20.94.138 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.193.194 54113 (FASTLY)
2 216.58.206.66 15169 (GOOGLE)
1 18.245.31.66 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.35 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.170 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.78 15169 (GOOGLE)
1 151.101.3.42 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
54 24
15    2606:4700::6812:1a44 (United States)

ASN13335 (CLOUDFLARENET, US)
www.fifacm.com
cdn.fifacm.com
3    13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com
3    2606:4700::6812:1b44 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.fifacm.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    151.101.131.42 (San Francisco, United States)

ASN54113 (FASTLY, US)
hb.vntsm.com
2    104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:10::6816:2e8e (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    151.101.193.194 (San Francisco, United States)

ASN54113 (FASTLY, US)
hb-vntsm-com.global.ssl.fastly.net
2    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net
pagead2.googlesyndication.com
1    18.245.31.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-66.fra56.r.cloudfront.net
ats.rlcdn.com
1    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net
geo.privacymanager.io
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
fonts.googleapis.com
1    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
5    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
fundingchoicesmessages.google.com
1    151.101.3.42 (San Francisco, United States)

ASN54113 (FASTLY, US)
hb.vntsm.com
2    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
18 fifacm.com
www.fifacm.com — Cisco Umbrella Rank: 862006
cdn.fifacm.com
1 MB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
209 KB
5 gstatic.com
fonts.gstatic.com
216 KB
4 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 31054
366 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 660
154 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 183
3 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207
170 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
307 B
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 18729
c.statcounter.com — Cisco Umbrella Rank: 11493
14 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
7 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
6 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1821
627 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 924
921 B
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 5249
35 KB
1 fastly.net
hb-vntsm-com.global.ssl.fastly.net — Cisco Umbrella Rank: 661817
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 38230
646 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
92 KB
54 17
Domain Requested by
11 cdn.fifacm.com www.fifacm.com
cdn.fifacm.com
7 www.fifacm.com 1 redirects www.fifacm.com
5 fonts.gstatic.com www.fifacm.com
fonts.googleapis.com
5 pagead2.googlesyndication.com www.fifacm.com
pagead2.googlesyndication.com
hb.vntsm.com
4 hb.vntsm.com www.fifacm.com
hb.vntsm.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
hb.vntsm.com
3 sb.scorecardresearch.com 1 redirects www.fifacm.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 securepubads.g.doubleclick.net hb.vntsm.com
securepubads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 fonts.googleapis.com www.fifacm.com
1 lh3.googleusercontent.com www.fifacm.com
1 geo.privacymanager.io ats.rlcdn.com
1 ad-delivery.net hb.vntsm.com
1 ats.rlcdn.com hb.vntsm.com
1 hb-vntsm-com.global.ssl.fastly.net hb.vntsm.com
1 hb.vntsm.io hb.vntsm.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.fifacm.com
1 www.googletagmanager.com www.fifacm.com
54 20

This site contains links to these domains. Also see Links.

Domain
play.google.com
apps.apple.com
twitter.com
www.instagram.com
www.youtube.com
www.tiktok.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-20 -
2024-06-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.vntsm.com
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-09 -
2024-12-10		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
ad-delivery.net
GTS CA 1P5		 2024-03-19 -
2024-06-17		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.fifacm.com/
Frame ID: 88868CCF55A7BA588DB345B819C581BE
Requests: 48 HTTP requests in this frame

Frame: https://www.fifacm.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: 50FE48DC6C5E47304AFE246E9D051FA0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html
Frame ID: EB27FF4B68A1E3259A2C2ED70D7769A0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1184080919266052&output=html&adk=1812271804&adf=3025194257&lmt=1714465795&plat=3%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x675_r&format=0x0&url=https%3A%2F%2Fwww.fifacm.com%2F&pra=5&wgl=1&easpi=0&aihb=1&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714465794966&bpp=4&bdt=416&idt=286&shv=r20240425&mjsv=m202404290101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1404930663355&frm=20&pv=2&ga_vid=1323349500.1714465795&ga_sid=1714465795&ga_hid=1653843987&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C31083215%2C95331042%2C95331555%2C95331690%2C95331695&oid=2&pvsid=7306679467852&tmod=1654726880&uas=0&nvt=1&fsapi=1&fc=1920&brdim=640%2C640%2C640%2C640%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=306
Frame ID: 214BC1B361E62686351DF9C4AAACFA99
Requests: 1 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: C44757958D68C434DDC47FC1738A9BE6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E8E9A28DEBE4EDE56A50B363B819F5F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EA FC 24 Career Mode Potential and Ratings - Career Mode | FIFACM

Page URL History Show full URLs

  1. http://www.fifacm.com/ HTTP 307
    https://www.fifacm.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Page Statistics

54
Requests

94 %
HTTPS

52 %
IPv6

17
Domains

20
Subdomains

24
IPs

3
Countries

2365 kB
Transfer

7017 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.fifacm.com/ HTTP 307
    https://www.fifacm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://sb.scorecardresearch.com/cs/7161055/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 23
  • https://www.fifacm.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.fifacm.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.fifacm.com/
Redirect Chain
  • http://www.fifacm.com/
  • https://www.fifacm.com/
40 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7882c479ac50ddcf089f8e955cbc5543774d8c571da8b03f6cee4cfedd066030

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
87c62aaf5b5a1979-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 30 Apr 2024 08:29:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://www.fifacm.com/
Non-Authoritative-Reason
HttpsUpgrades
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/7161055/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.fifacm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Apr 2024 06:46:10 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
12346
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
aFGriOAalkWaRVmMiyEhFZqPqZEab2B5dCq3MrhzR9GVSj26lob54w==

Redirect headers

date
Tue, 30 Apr 2024 08:29:54 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
a_qnBfW-gvxZ81PzREUyIk-1boGMVHA2aDuAgNegkDGRKRm3GcIUhA==
js
www.googletagmanager.com/gtag/ 		264 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PYJED2YZLP
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62b0b5668d8644d946e0787a7c0149b700c887571f52e507d72e186c734ccd63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93803
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Apr 2024 08:29:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e02447538253243c9fe920a12f740c6fa7531ac173ed14e30fe991eb0c6569b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51226
x-xss-protection
0
server
cafe
etag
10058382401852111023
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 30 Apr 2024 08:29:54 GMT
fa-duotone-900.woff2
cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/ 		183 KB
183 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/fa-duotone-900.woff2
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ec55e764f09d132a679b2aa4ef98a9256b58b7a1a79f70dfec5e901160de75

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Origin
https://www.fifacm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
cf-cache-status
HIT
last-modified
Sun, 20 Sep 2020 19:16:04 GMT
server
cloudflare
age
4121665
etag
"5f67aa74-2da54"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
87c62ab0bf369750-FRA
content-length
186964
expires
Thu, 13 Mar 2025 15:37:27 GMT
fa-solid-900.woff2
cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/ 		137 KB
138 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/fa-solid-900.woff2
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Origin
https://www.fifacm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
cf-cache-status
HIT
last-modified
Sun, 20 Sep 2020 19:16:04 GMT
server
cloudflare
age
4112743
etag
"5f67aa74-225a0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
87c62ab0bf389750-FRA
content-length
140704
expires
Thu, 13 Mar 2025 18:06:09 GMT
all.min.css
cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/css/ 		170 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/css/all.min.css
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7de3b4b49089f8cdd8267eda652f35806cb2b70f7c5cec0351f6d129263e52b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 20 Sep 2020 19:16:04 GMT
server
cloudflare
age
4117584
etag
W/"5f67aa74-2a712"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
87c62ab06ccd1979-FRA
expires
Thu, 13 Mar 2025 16:43:26 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Origin
https://www.fifacm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 06:59:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Apr 2024 08:29:54 GMT
mdb.min.css
cdn.fifacm.com/static/site/css/ 		310 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.fifacm.com/static/site/css/mdb.min.css?v=181220154231
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc4197a5237e119910c737169b941a97cbeadc4c0e84ff85ae2ca85929860bac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 18 Dec 2020 15:42:31 GMT
server
cloudflare
age
4117584
etag
W/"5fdccde7-4d661"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
87c62ab06cce1979-FRA
expires
Thu, 13 Mar 2025 16:43:26 GMT
site.min.css
cdn.fifacm.com/static/dist/css/ 		184 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.fifacm.com/static/dist/css/site.min.css?v=250622190319
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1769ecd8421a1aedbacaa73602e8a5ed87f45de0430bfd80c487cb7441e4bf61

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 25 Jun 2022 18:03:19 GMT
server
cloudflare
age
4117584
etag
W/"62b74de7-2e1f3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
87c62ab06ccf1979-FRA
expires
Thu, 13 Mar 2025 16:45:28 GMT
ad-manager.min.js
hb.vntsm.com/v3/live/ 		141 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b8af2f805bd812bf13e6566c877adce0d0ced31b3d288b11765cd5fb0f7c90a3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version
1.1
strict-transport-security
max-age=300
age
949
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ip
217.114.218.24
geo-sub
NI
x-amz-id-2
0Da8wc6R7aUhEIc7xDpeh8orOfafmiaUpdP8TTxJ3g7PWPFbj4f/426W6L372J/bmlj4DUR71nolWk+lrMzVVRoQ9sToORD2
x-served-by
cache-dub4336-DUB, cache-fra-etou8220025-FRA
content-length
40467
last-modified
Wed, 24 Apr 2024 12:03:38 GMT
x-timer
S1714465795.827454,VS0,VE0
etag
"39d5e558d928996a69149710bb6377ac"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo
DE
x-cache-hits
13, 17
fcm-logo-short.png
www.fifacm.com/static/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fifacm.com/static/img/fcm-logo-short.png
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820868a72698a1f360003a8ae37a0155431839d57f68b1d064611aea0ea74c15

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
cf-cache-status
HIT
age
4112743
cf-polished
origSize=13917
content-length
13042
cf-bgj
imgq:100,h2pri
last-modified
Sun, 20 Sep 2020 19:16:04 GMT
server
cloudflare
etag
"5f67aa74-365d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
87c62ab02c4b1979-FRA
expires
Thu, 13 Mar 2025 18:06:09 GMT
fifacm-logo-700-w.webp
www.fifacm.com/static/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fifacm.com/static/img/fifacm-logo-700-w.webp?v=2
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f896dae27179e8a749c5fbe696085236d5237e8adf87cf205914fa4711c6123

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Mar 2024 08:08:29 GMT
server
cloudflare
age
4274
etag
"65eebbfd-2e42"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
87c62ab02c501979-FRA
content-length
11842
site-p.min.js
cdn.fifacm.com/static/site/js/ 		767 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fifacm.com/static/site/js/site-p.min.js?v=240923121503
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ff9dbdd68bab5e0490dfacbc533d5959d85788525cacb7054b3dc226b2d356

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 24 Sep 2023 11:15:03 GMT
server
cloudflare
age
2869398
etag
W/"65101a37-bfd6d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
87c62ab06cd11979-FRA
expires
Fri, 28 Mar 2025 03:28:32 GMT
mdb.min.js
cdn.fifacm.com/static/site/js/ 		1 MB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fifacm.com/static/site/js/mdb.min.js?v=2250920004713
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd366675108a3fbad3f0b6a030675da79a09f8f49bebb5b36017302075dde3c0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Sep 2020 23:47:13 GMT
server
cloudflare
age
4112743
etag
W/"5f6d3001-1017e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
87c62ab0bd481979-FRA
expires
Thu, 13 Mar 2025 18:04:07 GMT
home.min.js
cdn.fifacm.com/static/site/js/pages/ 		1 KB
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fifacm.com/static/site/js/pages/home.min.js?v=170121120100
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47445201ce2aaaa33279bdac8547cf68e163f0b6cbc779d4f2fda48410869495

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 17 Jan 2021 12:01:00 GMT
server
cloudflare
age
4117584
etag
W/"600426fc-599"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
87c62ab0ed941979-FRA
expires
Thu, 13 Mar 2025 16:43:26 GMT
counter.js
www.statcounter.com/counter/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 14:50:52 GMT
server
cloudflare
age
18612
etag
W/"6626794c-8c64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
87c62ab148fb5d78-FRA
expires
Tue, 30 Apr 2024 15:19:42 GMT
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=7161055&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1714465794688&ns_c=UTF-8&c7=https%3A%2F%2Fwww.fifacm.com%2F&c8=EA%20FC%2024%20Career%20Mode%20Potential%20and%20Ratings%20-%20Career%20Mode%20%7C%20FIFACM&c9=
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
FhQrYg0ezva14NNJpZhe4a-gJiXTDsgUDFPckjF4Pe793O3iAcAMFg==
x-cache
Miss from cloudfront
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PYJED2YZLP&gtm=45je44t0v879232614za200&_p=1714465794577&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1323349500.1714465795&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714465794&sct=1&seg=0&dl=https%3A%2F%2Fwww.fifacm.com%2F&dt=EA%20FC%2024%20Career%20Mode%20Potential%20and%20Ratings%20-%20Career%20Mode%20%7C%20FIFACM&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=414
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PYJED2YZLP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 08:29:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fifacm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fifa21_bg.webp
cdn.fifacm.com/static/img/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.fifacm.com/static/img/fifa21_bg.webp
Requested by
Host: cdn.fifacm.com
URL: https://cdn.fifacm.com/static/dist/css/site.min.css?v=250622190319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba0c9c5ff3857ca6e5751ec4d85530dda482586380f6a3a6527233b07b5b017

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdn.fifacm.com/static/dist/css/site.min.css?v=250622190319
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Dec 2020 09:50:59 GMT
server
cloudflare
age
2755
etag
"5fcca983-8bd2"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
87c62ab1bee31979-FRA
content-length
35794
flags.png
cdn.fifacm.com/static/img/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.fifacm.com/static/img/flags.png
Requested by
Host: cdn.fifacm.com
URL: https://cdn.fifacm.com/static/site/css/mdb.min.css?v=181220154231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006af77d5c7dd0c094d2106813437d970d3396e5d98d52b6bedec949d12e2f06

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdn.fifacm.com/static/site/css/mdb.min.css?v=181220154231
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
cf-cache-status
HIT
age
4108071
cf-polished
origSize=28123
content-length
27955
cf-bgj
imgq:100,h2pri
last-modified
Sun, 20 Sep 2020 19:16:04 GMT
server
cloudflare
etag
"5f67aa74-6ddb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
87c62ab1bee41979-FRA
expires
Thu, 13 Mar 2025 19:24:01 GMT
fa-brands-400.woff2
cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/fa-brands-400.woff2
Requested by
Host: cdn.fifacm.com
URL: https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/css/all.min.css
Origin
https://www.fifacm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
cf-cache-status
HIT
last-modified
Sun, 20 Sep 2020 19:16:04 GMT
server
cloudflare
age
4112743
etag
"5f67aa74-12e40"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
87c62ab2394c9750-FRA
content-length
77376
expires
Thu, 13 Mar 2025 18:04:07 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404290101/ 		411 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1184080919266052&plah=www.fifacm.com&aplac=true&bust=31083215
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
97c9cbdb97e34e63d87f9193070c8418c343d781d45782d58550592100320430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142624
x-xss-protection
0
server
cafe
etag
4628072620729832265
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Apr 2024 08:29:54 GMT
5fae867aa82c70232bb5be5b.enc
hb.vntsm.com/v2/live/ 		70 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/5fae867aa82c70232bb5be5b.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3027ed474bdea9dae46b327d102617a7b7c9237d2b1e74e3cf0b552367966b8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version
1.1
strict-transport-security
max-age=300
age
4041
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ip
217.114.218.24
geo-sub
NI
x-amz-id-2
oAdkIdAAcJmavj0jsh9krbFawxP0S/7MX1VXnH09oKVa0MCddPkytt9Nls11zYUBJMZYNZxjSls=
x-served-by
cache-dub4342-DUB, cache-fra-etou8220064-FRA
content-length
8492
last-modified
Fri, 19 Apr 2024 10:45:35 GMT
x-timer
S1714465795.082469,VS0,VE1
etag
"bc12de7bcab3da431856b9e882d6d058"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo
DE
x-cache-hits
20, 1
main.js
www.fifacm.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame 50FE
Redirect Chain
  • https://www.fifacm.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.fifacm.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fifacm.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba964e41ad7e608e5b4b8398238093b45c3c76391354a7c9b450eb065d9b4ca4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Apr 2024 08:29:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87c62ab338e31979-FRA

Redirect headers

date
Tue, 30 Apr 2024 08:29:55 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
cache-control
max-age=300, public
cf-ray
87c62ab308a91979-FRA
content-length
0
t.php
c.statcounter.com/ 		192 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12435742&u1=071D8398D9564F7DB4299FDE2D92F2F8&java=1&security=16a1dcac&sc_snum=1&sess=21e3ea&p=0&pv=10&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.fifacm.com/&t=EA%20FC%2024%20Career%20Mode%20Potential%20and%20Ratings%20-%20Career%20Mode%20%7C%20FIFACM&invisible=1&sc_rum_e_s=563&sc_rum_e_e=647&sc_rum_f_s=0&sc_rum_f_e=407&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.fifacm.com
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
87c62ab31adb5d78-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
87c62aaf5b5a1979
www.fifacm.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 50FE 		0
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fifacm.com/cdn-cgi/challenge-platform/h/g/jsd/r/87c62aaf5b5a1979
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 30 Apr 2024 08:29:55 GMT
server
cloudflare
cf-ray
87c62ab45a0f1979-FRA
content-length
0
content-type
text/plain; charset=UTF-8
content.html
hb.vntsm.io/ 		32 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:55 GMT
cf-cache-status
HIT
x-amz-request-id
CVG56D7502K357SJ
age
948
content-length
32
x-amz-id-2
8LdTvqvPjxdV0TUOkQGe2q1ZOypQw3tMBAhhHHcp91miTjIc0fifprPvTU1XsDSyFdET2t91M4Y=
geo
DE
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87c62ab4c89a8ed4-FRA
g.txt
hb-vntsm-com.global.ssl.fastly.net/v4/srv/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-vntsm-com.global.ssl.fastly.net/v4/srv/g.txt
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 08:29:55 GMT
Via
1.1 varnish, 1.1 varnish
Venatus-CDN-HB-Rule-Version
1.1
Strict-Transport-Security
max-age=300
Age
950
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
Connection
keep-alive
X-IP
217.114.218.24
Content-Length
0
x-amz-id-2
bEWNU6JD1L+VOocPcCd14fvNfX1GlHQiL/sCdrJ9kszF1vw71JWJWAMJdEilQtYuE8NrePam08A9jfMOSDEdwA==
X-Served-By
cache-dub4346-DUB, cache-fra-etou8220128-FRA
Geo-Sub
NI
Last-Modified
Tue, 02 Apr 2024 15:20:36 GMT
X-Timer
S1714465795.302183,VS0,VE0
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
X-Geo
DE
X-Cache-Hits
3, 12
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240425/r20110914/ Frame EB27 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1184080919266052&plah=www.fifacm.com&aplac=true&bust=31083215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.fifacm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
28427
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 00:36:08 GMT
etag
5035419970550746386
expires
Tue, 14 May 2024 00:36:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 214B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1184080919266052&output=html&adk=1812271804&adf=3025194257&lmt=1714465795&plat=3%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x675_r&format=0x0&url=https%3A%2F%2Fwww.fifacm.com%2F&pra=5&wgl=1&easpi=0&aihb=1&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714465794966&bpp=4&bdt=416&idt=286&shv=r20240425&mjsv=m202404290101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1404930663355&frm=20&pv=2&ga_vid=1323349500.1714465795&ga_sid=1714465795&ga_hid=1653843987&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C31083215%2C95331042%2C95331555%2C95331690%2C95331695&oid=2&pvsid=7306679467852&tmod=1654726880&uas=0&nvt=1&fsapi=1&fc=1920&brdim=640%2C640%2C640%2C640%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=306
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1184080919266052&plah=www.fifacm.com&aplac=true&bust=31083215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.fifacm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 08:29:55 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad-manager-bundle.min.js
hb.vntsm.com/v3/live/ 		1 MB
317 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2fa6a1d9f0b959c43b0c3b33c0216af40b83668fabf928e2fed3ed0f1cdd98f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version
1.1
strict-transport-security
max-age=300
age
936
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ip
217.114.218.24
geo-sub
NI
x-amz-id-2
+yEV9gL61Zbtxd62ZwS2VmM3GRlQr6m5UEU6gSR/XXJH+7Sf3SGClDzS6HvkWReT0g4GjitGm7g=
x-served-by
cache-dub4340-DUB, cache-fra-etou8220025-FRA
content-length
323971
last-modified
Wed, 24 Apr 2024 12:03:38 GMT
x-timer
S1714465795.344100,VS0,VE0
etag
"39f2ce9fddcbf36ad04756f23c77e138"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo
DE
x-cache-hits
8, 12
ats.js
ats.rlcdn.com/ 		110 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-66.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
F5G4x7igSyEInzmeTLVI9fM7V7EmySpG
content-encoding
br
via
1.1 a96420fb093cd21d1dea3700ef4d43ca.cloudfront.net (CloudFront)
date
Mon, 29 Apr 2024 13:54:35 GMT
last-modified
Wed, 13 Mar 2024 08:09:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
66921
x-amz-server-side-encryption
AES256
etag
W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
49zGdLug-j6bj7CttHLRRHn69FeCngLN96xZEeyBLDBSpvM-9eGlCw==
px.gif
ad-delivery.net/ 		43 B
921 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378235
x-guploader-uploadid
ABPtcPrux6dlODB5e_tasWROPm5jTBdL450Xz1Wts3KrxFSKJRkUiuPhL3oKK-QLBZQzrtIKB6QwkkAwAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wi1ntglbEPmFrRZgKd25TrboKZ7mTug0trjBIM8q9L%2FzTSq75KjMRG5qGQu%2FDNeRtUgbBLfVDpOj%2FFTHc5SvGg54QjyJoKYmhgZYgrG1j68HSX1d428KjNl%2B9FMwgldivQynlWLXAPLYGpwYlA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
87c62ab76c483665-FRA
expires
Thu, 25 Apr 2024 23:51:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82ebd92a6963fd01a2ed044395156a4548fbaa6ab4023fbdbc71fa6676a4d17b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30082
x-xss-protection
0
server
cafe
etag
54 / 19843 / m202404250101 / config-hash: 4255553072851817045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Apr 2024 08:29:55 GMT
/
geo.privacymanager.io/ 		28 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 02:32:27 GMT
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront), 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
21448
x-amzn-requestid
5ad40839-892f-4d50-9446-79b42157575f
x-amzn-trace-id
Root=1-6630583b-20f3949d68b236b657bac839;Parent=3cfebf9e2db7692d;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
XBK5UGP5DoEETyA=
content-length
28
x-amz-cf-id
-UT7rcH37eqepwrB0evXEpPqEJbC5UOowmxbVAEaWHcNOFy7hkSBeQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404250101/ 		450 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e84579046013ee288fc4ea3698f886f1c6d2e83df294eb851283c12e63b5ef33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 10:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
79824
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143517
x-xss-protection
0
server
cafe
etag
15418045017249816870
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 29 Apr 2025 10:19:31 GMT
21726375739
fundingchoicesmessages.google.com/i/ 		181 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/21726375739?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1cb5bbb33d578490c802e02bed579ce8a9c4c2a95c58c2aa472cf5654576b1ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HnxZt_U1n3aEI4FT04M8Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:56 GMT
content-security-policy
script-src 'report-sample' 'nonce-HnxZt_U1n3aEI4FT04M8Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhbo6WG4c2sgn86LooDgDUVyqw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXRqKSLPlOxdaMvOVCLVZqhNoDVa10DP0HckAxocBrMCEBPA87l6686dVtl0L3tf7Im5OHA2n-RQ7rQ44eNoEnm_pGfW9e9ZMRtrYmsKvFeXuTz1nGA6jbw8KYeGBo_aQgeEw_QYQ==
fundingchoicesmessages.google.com/f/ 		650 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXRqKSLPlOxdaMvOVCLVZqhNoDVa10DP0HckAxocBrMCEBPA87l6686dVtl0L3tf7Im5OHA2n-RQ7rQ44eNoEnm_pGfW9e9ZMRtrYmsKvFeXuTz1nGA6jbw8KYeGBo_aQgeEw_QYQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0NDY1Nzk2LDEzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZmlmYWNtLmNvbS8iLG51bGwsW1s4LCJTUnR4T0NZZ0FIOCJdLFs5LCJkZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTRdLG51bGwsM10iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SRtxOCYgAH8.es5.O/am=gAE/d=1/rs=AJlcJMxZoL0hnKvSkjwB6yzwK6ZQ9409HQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4aad2ec91ec580eb0a7da997adc380b49f702f5502e476bdd6ce728744c0556a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aN5fBxXLetLcm2rNRm6q5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:56 GMT
content-security-policy
script-src 'report-sample' 'nonce-aN5fBxXLetLcm2rNRm6q5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP_nWctBWIhbo6WG4c2sgk8-P87BwDTHSuG"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SRtxOCYgAH8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzy6Z1W9CyutUwmLY2QD5VBI_wPDQ/m=web_iab_tcf_v2_wall_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
7a9b40fbe1723d7089078913d08d26e103179016baf2647059f29cf2cdc144e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Apr 2024 08:29:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 08:29:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Apr 2024 08:29:56 GMT
ZR--2R-iP2YMKRbhJzawIsdN7L8-J0oRt_aF5tdzP6l9WeVrmBk4kKWpgm5-MreQbvaBZ9iRYluKjHtKNp7jgnXPFvJVJsFo_B_1AUPkFj76usXFvx3E=h60
lh3.googleusercontent.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/ZR--2R-iP2YMKRbhJzawIsdN7L8-J0oRt_aF5tdzP6l9WeVrmBk4kKWpgm5-MreQbvaBZ9iRYluKjHtKNp7jgnXPFvJVJsFo_B_1AUPkFj76usXFvx3E=h60
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1f4a429310ff371af8b0a9045a949a6605f28e951bd42c41a8ca2e699815c160
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 07:11:38 GMT
x-content-type-options
nosniff
age
4698
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6022
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 01 May 2024 07:11:38 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Origin
https://www.fifacm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
294240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Apr 2025 22:45:56 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Origin
https://www.fifacm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 19:45:43 GMT
x-content-type-options
nosniff
age
45853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Apr 2025 19:45:43 GMT
AGSKWxUNLiDgcg-58DLTAwSmg7VZE0mTH0Dsc2LXHNxA1_o7ncEIDJsI7mVHEUiseNyWjyKWCV0oBU24uigpbAtVk7_8PQ44hI3Ay3tmLAr_cLK9VAGJDg1TmRFEmxsBPLtWGz0UFPY_Hg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNLiDgcg-58DLTAwSmg7VZE0mTH0Dsc2LXHNxA1_o7ncEIDJsI7mVHEUiseNyWjyKWCV0oBU24uigpbAtVk7_8PQ44hI3Ay3tmLAr_cLK9VAGJDg1TmRFEmxsBPLtWGz0UFPY_Hg==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qnVuENnaMeeXbbUrQMNksQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Apr 2024 08:29:56 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qnVuENnaMeeXbbUrQMNksQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1JBiqGV4xtQKxE7pM1hDgFiIh6PlxqGNbAI_pu66xAgAyAMMmQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.fifacm.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.fifacm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
275950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Apr 2025 03:50:46 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.fifacm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:30:08 GMT
x-content-type-options
nosniff
age
50388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Apr 2025 18:30:08 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.fifacm.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 03:29:55 GMT
x-content-type-options
nosniff
age
18001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 03:29:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240425&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
c298c106e1429a0a6e03cddbd948deba1a276586743b829a9ec55ecb31c23f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12779
x-xss-protection
0
cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame C447 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.fifacm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
age
938
content-encoding
gzip
content-length
420
content-type
text/html
date
Tue, 30 Apr 2024 08:29:56 GMT
etag
"d80b9831e6e7896aa97e84d70f49e545"
geo-sub
NI
last-modified
Sun, 10 Sep 2023 14:04:21 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
venatus-cdn-hb-rule-version
1.1
via
1.1 varnish, 1.1 varnish
x-amz-id-2
eIjFMFAlSBOri93L19pUoDORlI/xp/NWk5DSkunC5O2AVodW6Tt0YplDVbBqHlLimCLuD84eq/I=
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-cache-hits
21, 7
x-geo
DE
x-ip
217.114.218.24
x-served-by
cache-dub4346-DUB, cache-fra-etou8220059-FRA
x-timer
S1714465797.569122,VS0,VE0
favicon-32x32.png
www.fifacm.com/static/img/favicon/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.fifacm.com/static/img/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2699a4e9cdd052adb92f8b3003bce83eb92447eb1fda3d55199380a632263dc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:56 GMT
cf-cache-status
HIT
age
3292637
cf-polished
origSize=1659
content-length
1227
cf-bgj
imgq:100,h2pri
last-modified
Mon, 28 Sep 2020 01:00:16 GMT
server
cloudflare
etag
"5f7135a0-67b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
87c62abcccdb1979-FRA
expires
Sun, 23 Mar 2025 05:52:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1184080919266052&plah=www.fifacm.com&aplac=true&bust=31083215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:29:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Apr 2024 08:29:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E8E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.fifacm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
340
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 08:24:16 GMT
expires
Wed, 30 Apr 2025 08:24:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PYJED2YZLP&gtm=45je44t0v879232614za200&_p=1714465794577&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1323349500.1714465795&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1714465794&sct=1&seg=0&dl=https%3A%2F%2Fwww.fifacm.com%2F&dt=EA%20FC%2024%20Career%20Mode%20Potential%20and%20Ratings%20-%20Career%20Mode%20%7C%20FIFACM&en=scroll&epn.percent_scrolled=90&_et=90&tfd=5506
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PYJED2YZLP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.fifacm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 08:29:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fifacm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240425&jk=7306679467852&bg=!_P-l_7DNAAZvnppNT547ADQBe5WfOKywjwmdFtRj5m96FyTiarIlrPKS9Ryu6Zx6VNHrQ-c3i3vFaq7iSnwCX2ZEmYuOAgAAADdSAAAAA2gBB34ANTXL3R4p-MSSJKM_HyDkVg-1W85xQqD50mwFUMSzXnQPufONqYfTHOAtv1epw8lcMN8-XNWwmQKsgSJLXmPZ7m4aK5p8TEZXEmeOo3k8oVdNU3i0whE6O91K2hkTITI_7cCzrUp4E2uZkTOgOM70NfLKWlMJ8XhmZIq6U935u4n4nVBunv1LJslBq1v1jGt38l40l5oekcvmmnm9_X8z4QG6a7SLse-uasKOGHNLh_dWKHR_nK8_ZPxnx-azt_IsccWCV2YNi4hdgyE8MMY8xGgvQ9gbfjiJFVrkSSKGNFll5urgdwZczGjvnK3QTjtQzfetU3MHuswvD5AuZv10C9JnOYb8Oc_oyHf78MK2gvk-ehY8UBHIcI9N3Dt7dcDusn-8xY_YV7fEqyjwm7EVEActVVUnZPk6LjQjRHNIYomhWM-zavpZPqrKiJu-lTE0bLhO0ynIaUN3HLuDHC4ROn5xUfKHGioiUP-Wer6kcuUVByc202eEUJOWOJSFwXr1_KG6Xq9aLGIfcUVpd2qDUu8ukWLrZGHZzZDlAgRQROoT5akJF2vYVKBaXzONJ1kSFTRTMhp5Ck-zUZv0UxjCkWtbEFeOwk7e0SwWXhver94FF5QfvL4zIXsYye65KWUDE97TA4-h_CMnFxLpUzA2QdTFjKF8W28DDbCDwBWODVzbGYj4StHIcAmqZ8ik0inSakW03HZylOzYgC4ZUoh4EWUlEWRNfCYG32Me8hBZeeGm8Zm1z0S1UvqMQv49beav-foOr1ITOLA6-8dOEa55N3z1TB1jg8ZLBvBNX4GGqDvYa7hyc_0EuQ-ltwmlM2SwD4gU0xCkY0heMTijx-OyyZhqnBxxDl7Fo8x2UH4QQKRearNwgHsiFVjN3JVwqJvWzppBpfu7ke5sYEhMbHSbnHU3uRmDoslUwriVWbc702Rm7p-vUx0Xog2of8Z1gE6NK3nagP63z7iMOiYM2GUWGaXlz17d

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| _comscore function| gtag object| dataLayer object| COMSCORE object| ns_p function| initializeBottomOverlays function| getCookie string| cdn_url string| main_year string| cPageYear function| QuillLocalStorage function| swalMsg function| number_format function| wrToText function| statColor function| statColorBg function| get_level_display function| $ function| jQuery function| moment function| Quill function| QuillMentions function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| nations object| clubs object| leagues object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal number| uidEvent function| Color function| Chart object| regeneratorRuntime object| mdb number| sc_project number| sc_invisible string| sc_security number| sc_https function| sC function| gC function| cOS function| iAPC function| _statcounter object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| webpackChunkad_manager number| __VM_PRELOADER_COUNT string| FYEAR function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| __VM_FSGEO_RESPONSE string| __VM_HBC object| __VM_BAIT_RESPONSE object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| __VM object| ADAGIO string| nobidVersion object| nobid object| mnet object| googletag function| clearImmediate function| setImmediate object| ats object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MTE4YTIxNDI2ZDQwYzhhZWxvYWRlcl9qcw== string| MTE4YTIxNDI2ZDQwYzhhZWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
www.fifacm.com/ Name: PHPSESSID
Value: f6u94n5a9j5sibp0qvi6ifqm3e
www.fifacm.com/ Name: currency
Value: eur
www.fifacm.com/ Name: statsui
Value: cat
.fifacm.com/ Name: _ga
Value: GA1.1.1323349500.1714465795
.fifacm.com/ Name: _ga_PYJED2YZLP
Value: GS1.1.1714465794.1.0.1714465794.0.0.0
.fifacm.com/ Name: sc_is_visitor_unique
Value: rx12435742.1714465795.071D8398D9564F7DB4299FDE2D92F2F8.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12435742.1714465795.0
.statcounter.com/ Name: is_visitor_unique
Value: 1714465795188476163
.fifacm.com/ Name: cf_clearance
Value: hQPtFrJpQNJ_PKZCtEc.GpJAaUKnh7ihlLoTc3Fhiz0-1714465795-1.0.1.1-GwvVxEvvo8PvUpzjRBOGwfdaQ3yTev9AXKZHifI8tIyyrokpOBc1HR_J4OkQhwB4Dj2WWQgimclwwmqPlaxTEQ
www.fifacm.com/ Name: _lr_geo_location
Value: DE

2 Console Messages

Source Level URL
Text
other warning URL: https://www.fifacm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.fifacm.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ats.rlcdn.com
c.statcounter.com
cdn.fifacm.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.privacymanager.io
hb-vntsm-com.global.ssl.fastly.net
hb.vntsm.com
hb.vntsm.io
lh3.googleusercontent.com
pagead2.googlesyndication.com
region1.google-analytics.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.fifacm.com
www.googletagmanager.com
www.statcounter.com
pagead2.googlesyndication.com
104.20.94.138
13.32.121.72
13.32.99.35
142.250.185.170
142.250.185.194
142.250.185.78
151.101.131.42
151.101.193.194
151.101.3.42
18.245.31.66
2001:4860:4802:34::36
216.58.206.66
2606:4700:10::6816:2e8e
2606:4700:20::ac43:4513
2606:4700::6812:1a44
2606:4700::6812:1b44
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
006af77d5c7dd0c094d2106813437d970d3396e5d98d52b6bedec949d12e2f06
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4
1769ecd8421a1aedbacaa73602e8a5ed87f45de0430bfd80c487cb7441e4bf61
1cb5bbb33d578490c802e02bed579ce8a9c4c2a95c58c2aa472cf5654576b1ab
1f4a429310ff371af8b0a9045a949a6605f28e951bd42c41a8ca2e699815c160
20ec55e764f09d132a679b2aa4ef98a9256b58b7a1a79f70dfec5e901160de75
2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
47445201ce2aaaa33279bdac8547cf68e163f0b6cbc779d4f2fda48410869495
485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11
4aad2ec91ec580eb0a7da997adc380b49f702f5502e476bdd6ce728744c0556a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b0b5668d8644d946e0787a7c0149b700c887571f52e507d72e186c734ccd63
7882c479ac50ddcf089f8e955cbc5543774d8c571da8b03f6cee4cfedd066030
7a9b40fbe1723d7089078913d08d26e103179016baf2647059f29cf2cdc144e7
7ba0c9c5ff3857ca6e5751ec4d85530dda482586380f6a3a6527233b07b5b017
820868a72698a1f360003a8ae37a0155431839d57f68b1d064611aea0ea74c15
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82ebd92a6963fd01a2ed044395156a4548fbaa6ab4023fbdbc71fa6676a4d17b
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8f896dae27179e8a749c5fbe696085236d5237e8adf87cf205914fa4711c6123
97c9cbdb97e34e63d87f9193070c8418c343d781d45782d58550592100320430
a2699a4e9cdd052adb92f8b3003bce83eb92447eb1fda3d55199380a632263dc
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b8af2f805bd812bf13e6566c877adce0d0ced31b3d288b11765cd5fb0f7c90a3
ba964e41ad7e608e5b4b8398238093b45c3c76391354a7c9b450eb065d9b4ca4
c298c106e1429a0a6e03cddbd948deba1a276586743b829a9ec55ecb31c23f38
c2fa6a1d9f0b959c43b0c3b33c0216af40b83668fabf928e2fed3ed0f1cdd98f
cc4197a5237e119910c737169b941a97cbeadc4c0e84ff85ae2ca85929860bac
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dd366675108a3fbad3f0b6a030675da79a09f8f49bebb5b36017302075dde3c0
e02447538253243c9fe920a12f740c6fa7531ac173ed14e30fe991eb0c6569b3
e3027ed474bdea9dae46b327d102617a7b7c9237d2b1e74e3cf0b552367966b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ff9dbdd68bab5e0490dfacbc533d5959d85788525cacb7054b3dc226b2d356
e7de3b4b49089f8cdd8267eda652f35806cb2b70f7c5cec0351f6d129263e52b
e84579046013ee288fc4ea3698f886f1c6d2e83df294eb851283c12e63b5ef33
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615