www.footem.site Open in urlscan Pro
2a00:1450:4001:813::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.footem.site/
Effective URL:
https://www.footem.site/
Submission: On December 06 via api (December 6th 2023, 8:20:41 pm UTC) from US — Scanned from DE

Summary HTTP 98 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 21 domains to perform 98 HTTP transactions. The main IP is 2a00:1450:4001:813::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.footem.site.
TLS certificate: Issued by GTS CA 1D4 on October 13th 2023. Valid for: 3 months.

This is the only time www.footem.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2a00:1450:400... 2a00:1450:4001:813::2013	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e6:... 2606:4700:e6::ac40:c723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3038::6815:eae7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	13.32.27.56 13.32.27.56	16509 (AMAZON-02) (AMAZON-02)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.157.2.230 37.157.2.230	198622 (ADFORM) (ADFORM)
2	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1 7	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
5	23.38.80.182 23.38.80.182	16625 (AKAMAI-AS) (AKAMAI-AS)
3 8	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a39f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	88.221.125.233 88.221.125.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
98	30

3 2a00:1450:4001:813::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.footem.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:c723 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.holid.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
helloworld.holid.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:eae7 (United States)

ASN13335 (CLOUDFLARENET, US)

rawcdn.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
raw.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.32.27.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-56.fra56.r.cloudfront.net

images.fotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

hzr0dm28m17c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.230 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.210.46 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.38.80.182 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-80-182.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:1b::1724:a39f (Frankfurt am Main, Germany) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.125.233 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-125-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 fra1-ib.adnxs.com — Cisco Umbrella Rank: 8028 cdn.adnxs.com — Cisco Umbrella Rank: 1605 acdn.adnxs.com — Cisco Umbrella Rank: 610	115 KB
12	fotmob.com images.fotmob.com — Cisco Umbrella Rank: 30796	149 KB
9	googlesyndication.com e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	42 KB
8	bing.com 3 redirects www.bing.com — Cisco Umbrella Rank: 60	79 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	189 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	214 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461	16 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	22 KB
4	holid.io ads.holid.io — Cisco Umbrella Rank: 312653 helloworld.holid.io — Cisco Umbrella Rank: 409896	130 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	githack.com rawcdn.githack.com — Cisco Umbrella Rank: 77463 raw.githack.com — Cisco Umbrella Rank: 71356	25 KB
3	footem.site 1 redirects www.footem.site	46 KB
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4453	75 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	128 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 4544	1 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	239 KB
2	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12342	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	148 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 11518	58 KB
1	hzr0dm28m17c.com hzr0dm28m17c.com — Cisco Umbrella Rank: 933045
98	21

	Domain	Requested by
12	images.fotmob.com	www.footem.site
8	www.bing.com	3 redirects www.footem.site
8	securepubads.g.doubleclick.net	ads.holid.io securepubads.g.doubleclick.net www.footem.site www.googletagservices.com
7	fra1-ib.adnxs.com	ads.holid.io www.footem.site cdn.adnxs.com
7	ib.adnxs.com	1 redirects ads.holid.io acdn.adnxs.com
6	cdnjs.cloudflare.com	www.footem.site
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	cdn.jsdelivr.net	ads.holid.io securepubads.g.doubleclick.net
3	acdn.adnxs.com	www.footem.site ads.holid.io
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	www.footem.site	1 redirects www.footem.site
2	eus.rubiconproject.com	ads.holid.io eus.rubiconproject.com
2	cdn.adnxs.com	ads.holid.io
2	adsdk.microsoft.com	ads.holid.io
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	helloworld.holid.io	ads.holid.io
2	fastlane.rubiconproject.com	ads.holid.io
2	adx.adform.net	ads.holid.io
2	raw.githack.com	www.footem.site
2	blogger.googleusercontent.com	www.footem.site
2	www.googletagmanager.com	www.footem.site www.googletagmanager.com
2	ads.holid.io	www.footem.site ads.holid.io
2	www.google.com	www.footem.site tpc.googlesyndication.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.blogger.com	www.footem.site
1	fonts.gstatic.com	www.footem.site
1	hzr0dm28m17c.com	www.footem.site
1	rawcdn.githack.com	www.footem.site
98	32

This site contains links to these domains. Also see Links.

Domain
lnk.bio
www.whatsapp.com
footem-wt.blogspot.com
www.footem.in
us.footem.in
news.google.com
facebook.com
www.twitter.com
www.instagram.com
footemxtra.com
www.blogger.com

Subject Issuer	Validity	Valid
www.footem.site GTS CA 1D4	`2023-10-13` - `2024-01-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
holid.io GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
githack.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.fotmob.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-08`	a year	crt.sh
hzr0dm28m17c.com R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.footem.site/
Frame ID: E337BA423F53230EDA43E017BB425204
Requests: 54 HTTP requests in this frame

Frame: https://e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C5DFAE18FCE998E0A5BFB06045F0D590
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHEVATmMFZ9-uoA9f-K3WCWX_I81P6K36LPDMX0-_Di_ePiH0cwYM-I-jmdj5qx1u3bFItIucNKJjfUiky9QeZOwNCLxV7SnmkgrYOE7NeVn1wKqB2TOv-g6MkfV035Q7qkTxfCd-MX1MtmAMvXmOVoN-US-6fzesNHmrK70LDuTxVwFbWNRzqIrXQigotc9OvpuOhuXYSM9aQzcH1tmvcaTEsSwcXuHrx65axxYDmfQspX54X0zvKW8uPkWA3mjhNCg7H0EBHlhSxt3hUZnZ7fDKHKnoXW4sx9hVaH44eppq2bYNIhLgd0HzH2H4jDzroGi1Pk-OiFrzKiJuw2SiKfYEpZSpid8zy6ZfJ1Q&sai=AMfl-YRCmq05qcSfjROPIRieY-mxqRbO4eLacoeSsqMEOMkYgCDhPvlcsCUCCafR9z_NpFhL0riL7Pq2pVzYsJGM-mxxxQkYZXjjqiGnA-C621Iz5KWeI1Odd0xXVslggRKPRq759u2RSiUVLqft7oyPIO6DjIvoSzknLVxjuA&sig=Cg0ArKJSzHJpxqQRWFw1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 36966ECD979E51132454DA1E8346C301
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743
Frame ID: 5EE415F57E501B5DABD215351B015A29
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 50EAE25811F5A3921F9CD79027FB0F27
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F04F8F5BE05958D9962C9ED7CF048974
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8nC7tSl-3ctFRvb3vFTe6qBbRK52hIHu5Tiy0ptmqnxprCAMAduduT4YJMU_0ESvvSCPkkstennbwjFFbFJyYgyRyrxf-F1EwRLRLl4LdBow-QlyWQo2dF-m76vp4raXTE8lKunDJ861CwTVkBAgysLqgVRtsRQ9FejETEcgWBQ6w80Tg0ggyLpi1utMgVZaIE3BIlLWy5c9in2zIS-RJP6tZh860ZwUIWViAvcZFPgd1MBGhfQn6oN2CBWxBMuigSBI-Vi0bxQPPxxrT_TZ1Vr3xmKKbfeCO5THTq_jDRRPZbHZ2-tei0xJ-KkKbolrj-V6vPm4cqTE3t49k20i2TkbBZGw9CR0p-xExmA&sai=AMfl-YRVgPrbJjwPkYQs6kil4XTmH_CHJ_FauWz03IZYG1J0Jsbpd11TfNNGwGdm4MK0rABZ6NPtoY0TkIsXATFsbrTsnZ3N4fwaWr7DYgTxe-aGXILvKAdb7L1q2fI0RDzlz20ES6VpjHsF&sig=Cg0ArKJSzLRIL3dNOGKnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6F78C3F9532B43AD042D2B8F271E9F45
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743
Frame ID: A56082168AA8784F902C99B22AD0B49F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F8090F10093D83352449D799D939E206
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A621A8577BCD42E5DF7BDECB127697A1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FootEM | Football In Every MinuteFootEM | Football In Every Minute

Page URL History Show full URLs

http://www.footem.site/ HTTP 301
https://www.footem.site/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

98
Requests

93 %
HTTPS

72 %
IPv6

21
Domains

32
Subdomains

30
IPs

4
Countries

1709 kB
Transfer

4153 kB
Size

12
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://lnk.bio/footem
Title: Join Us

Search URL Search Domain Scan URL

URL: https://www.whatsapp.com/channel/0029Va5CwglCRs1jRlhkhF3x
Title: Join WhatsApp Channel

Search URL Search Domain Scan URL

URL: https://footem-wt.blogspot.com/
Title: Join WhatsApp Group

Search URL Search Domain Scan URL

URL: https://www.footem.in/p/indian-football.html
Title: Odisha8:00 PMLIVE NOW MBSGRound 8FOOTEMISL

Search URL Search Domain Scan URL

URL: https://www.footem.in/2023/12/sheffield-vs-liverpool.html
Title: Liverpool1:00 AM00:00:00SheffieldRound 15FOOTEM Premier League

Search URL Search Domain Scan URL

URL: https://us.footem.in/p/more-matches.html
Title: Brentford1:00 AM00:00:00BrightonRound 15FOOTEM Premier League

Search URL Search Domain Scan URL

URL: https://www.footem.in/2023/12/man-united-vs-chelsea.html
Title: Chelsea1:45 AM00:00:00Man UnitedRound 15FOOTEM Premier League

Search URL Search Domain Scan URL

URL: https://www.footem.in/2023/12/aston-villa-vs-man-city.html
Title: Man City1:45 AM00:00:00Aston VillaRound 15FOOTEM Premier League

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMIKyzQswss3kAw

Search URL Search Domain Scan URL

URL: https://facebook.com/footemofficial/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/footemoff

Search URL Search Domain Scan URL

URL: https://www.instagram.com/footemxtra

Search URL Search Domain Scan URL

URL: https://footemxtra.com/
Title: Powered by Footem Media Network

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.footem.site/ HTTP 301
https://www.footem.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f-b9e1-3e8e25dbb5cd&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Daf09e6b5732e40fca3bf4aa3ceecb3a4%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28216118&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=4221606316745117774 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10

Request Chain 65

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11179&pub_id=2238743&gdpr=0 HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels%26seller_id%3D11179%26pub_id%3D2238743%26gdpr%3D0

Request Chain 82

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f-b9e1-3e8e25dbb5cd&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Daf09e6b5732e40fca3bf4aa3ceecb3a4%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28216118&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=4221606316745117774 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10

Request Chain 95

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f-b9e1-3e8e25dbb5cd&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Daf09e6b5732e40fca3bf4aa3ceecb3a4%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=28216118&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=4221606316745117774 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=af09e6b5732e40fca3bf4aa3ceecb3a4&tids=15000&med=10

98 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.footem.site/
Redirect Chain

http://www.footem.site/
https://www.footem.site/

199 KB
43 KB

419ms
255ms

Document
text/html

2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f06d4453396f60e0be643140640f8a0e47ad7ff473e9a8a95038abbdfef16d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 43937
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 20:20:35 GMT
etag: W/"e898cd978f162ec42f80a82f4002a7ecf2f5c9289eb2f6a9901f7bfb6d221855"
expires: Wed, 06 Dec 2023 20:20:35 GMT
last-modified: Wed, 06 Dec 2023 09:15:05 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 172
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Wed, 06 Dec 2023 20:20:35 GMT
Expires: Wed, 06 Dec 2023 20:20:35 GMT
Location: https://www.footem.site/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 245ms
88ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

78d7bb0b5371e973a752330ab8b3e10e1b79375a4cf0e4053ebb201cd6d3dd17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 06 Dec 2023 20:20:36 GMT

GET
H2 200 holid.js Show response
ads.holid.io/auto/footem.site/ 35 KB
5 KB 131ms
43ms Script
application/javascript 2606:4700:e6::ac40:c723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.holid.io/auto/footem.site/holid.js
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf2581a1797321eb95ae5dc00473465fa58e94704ba44b5c64d2ad368c801a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 472348
cf-polished: origSize=78392
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Oct 2023 12:01:03 GMT
server: cloudflare
etag: W/"652d25ff-13238"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsmxFxZKJq69jXWJEXPFvKJlNR22Pd546ZUSAg7SLLZM1%2FbLUpvERrqfQ7DOqUwqiCS8UFe01QG4FQX86I6dv67%2BFFHUdt0eLzbepP3I2ELPRM7bv6%2Fp1YkHXhAM3Ns3yy4itooBavzf6AA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200, s-maxage=691200
cf-ray: 83173afd7f720e35-AMS

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 107ms
40ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 483799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGbtZnuXez3ngc1Mc1jeTiLvjtMOgSsxhSCVuliDmAid6zJELZuVzFWxz3n4VxAm%2FS5z%2Bo7MXXKB42jUvI1xcMnmz9xezk3zQqqwHN1sZUMyiyjk9P2Ll48ySphfgndilAghKojZwDjf0jlh7WWRRt7Y"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83173afd5b1b3bbf-WAW
expires: Mon, 25 Nov 2024 20:20:36 GMT

GET
H2 200 fontawesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 57 KB
10 KB 92ms
42ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/fontawesome.min.css

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1313143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10256
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e238"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcckXI470sbJIqLdeNTWWUc28G5k80E0JqrDUsri7oQ5ZPKyO51vkPGmrjZnMnfrkiIVaGaa0nWIBbkCuFDTUHG0Z0pluW66O6gZoSO2a8%2B80NQ2cobtFk9kQ%2F8d8i%2BpMJw2eqgIo8G56lPe1u9EJnyS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83173afd5b203bbf-WAW
expires: Mon, 25 Nov 2024 20:20:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
85 KB 285ms
96ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5CJ36TGWSE

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2a2c75062cf6b49b32001aa572899e204b466a6517dee7b41a9e11e90a03b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 20:20:36 GMT

GET
H2 200 AVvXsEjFnchNph1LwH922yXiuXv8LEqyL_LTdUoE5sHnFlxsDFJU-fYuypV3RPEVfvV6uJNruRG1_639moP3LWjg43iUnFy5-fTCr-xrXpugYpNv3IsNUpEZ5ZnfgGyaL2Cw91IcXpSHFOpmPI0czETe2D-ARHW9uYhrwuwd8HMjjDSWtvce5R9_P2lot-jzXw=s176
blogger.googleusercontent.com/img/a/ 4 KB
4 KB 565ms
350ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjFnchNph1LwH922yXiuXv8LEqyL_LTdUoE5sHnFlxsDFJU-fYuypV3RPEVfvV6uJNruRG1_639moP3LWjg43iUnFy5-fTCr-xrXpugYpNv3IsNUpEZ5ZnfgGyaL2Cw91IcXpSHFOpmPI0czETe2D-ARHW9uYhrwuwd8HMjjDSWtvce5R9_P2lot-jzXw=s176

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

64687be0ebc03d225dc33d8fd78be938f3b511f4c9dc3bb5a615caa407d5bc2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v838"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Footem-2.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4374
x-xss-protection: 0
expires: Thu, 07 Dec 2023 20:20:36 GMT

GET
H2 404 ins-devtool.js
rawcdn.githack.com/insnesia/INSSA/e779e059a072e368d201c5f602c9f0543549ac13/ 0
0 263ms
63ms Script
text/plain 2606:4700:3038::6815:eae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/insnesia/INSSA/e779e059a072e368d201c5f602c9f0543549ac13/ins-devtool.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id: 688170e58b569b32ba9520f6b12da7b1b4d9c662
date: Wed, 06 Dec 2023 20:20:36 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14
x-served-by: cache-hel1410033-HEL
server: cloudflare
x-github-request-id: AA10:123CE:5023BE:52AFAB:6570D6AC
x-timer: S1701893806.702114,VS0,VE146
source-age: 0
vary: Authorization,Accept-Encoding,Origin
x-githack-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aE8mgexPIq%2FGsAD%2F6z%2FXRFk2QAwCOu0aEVN8NpquD8Co%2BadWZ3snuqA5EjMeRulK%2BTqa%2Fsgex9wYw25p%2FpJTvT992cbxZp%2BcRNvvkXUVSJbnnDi%2BNsb6Saw1n67R22vJA%2B%2BZyz1TMoVtpWIrbnWAXG4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300, public
cf-ray: 83173afedca9670f-AMS
x-cache-hits: 0

GET
H2 200 578653.png
images.fotmob.com/image_resources/logo/teamlogo/ 10 KB
10 KB 250ms
63ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/578653.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11e4b55a73394ccdfc27b933cf3a25570c689a214ee08953ef27932426759c35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 15:30:40 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Tue, 29 Oct 2019 10:02:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1399797
etag: "66b8cc4ba34015afbc0ce6d865c25e82"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 10059
x-amz-cf-id: l5Q8eP6AhSp4tPjyvmqzB_ZzM4IGphZ8o05DrHaprjbKCIkNVCeNnA==

GET
H2 200 578651.png
images.fotmob.com/image_resources/logo/teamlogo/ 10 KB
11 KB 253ms
66ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/578651.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84f026f169adc5bf989d9c57e5c5701cc54eee22bc6f3ea86e0a48dff9c48616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 08:25:08 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Sun, 16 Jul 2023 13:25:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1079729
etag: "84923bedc5cc80ce3206e1bed4cbbe25"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: must-revalidate, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 10708
x-amz-cf-id: T2Hoepk1F8YQJahuRZ1ykaMSTMNBKVQWBum4jiceQrCnLWG8899o2g==

GET
H2 200 8650.png
images.fotmob.com/image_resources/logo/teamlogo/ 13 KB
13 KB 226ms
38ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/8650.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 602226218e1378b2c21234dc86949e30b0883ede3e811149a09e71e833e2ce63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 23:42:18 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Mon, 09 Sep 2019 07:14:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 938299
etag: "68f243b68d72435378988018c59c864c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 13350
x-amz-cf-id: LHNR4XPHv9IkE5cvokmLKUnM_p3xcFC9ltzRYb2E3P1n17y4b1oZQw==

GET
H2 200 8657.png
images.fotmob.com/image_resources/logo/teamlogo/ 11 KB
11 KB 229ms
42ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/8657.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6553b434beef8faafed3e14142ba5a1c7b63c85b5c06e4f3ad61951a72380d7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 20:03:28 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Fri, 09 Aug 2019 07:14:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1124229
etag: "49c8f652cf326683b00b2f10c8269440"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 11179
x-amz-cf-id: gt90mXft8szoozJzkG9wSlvX7GzsyOyRHJBqXgKVgCJ9cMGM_Fca0Q==

GET
H2 200 9937.png
images.fotmob.com/image_resources/logo/teamlogo/ 14 KB
15 KB 111ms
59ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/9937.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40ea0f1ce6a865641c11d2b18aea950a437f62d74ad8edf80411288ae0225753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:57:31 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 10:30:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 2312586
etag: "a1fc1cec337dc52e6ec144d61310f11b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 14576
x-amz-cf-id: EJ__ye-in62GSlNzwWtrdTLAUqzDR6kr4zt609ev4K8fnXOumz5hMw==

GET
H2 200 10204.png
images.fotmob.com/image_resources/logo/teamlogo/ 11 KB
12 KB 34ms
34ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/10204.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2d326e9197c15cee2342aa84195132add35fc836b3750442039a331e110f2c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:57:26 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 10:31:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1916591
etag: "b3890571378e2cc210e928d9bf409f02"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 11611
x-amz-cf-id: qr08wsHvLiYjvTjh9Tyf8tRrtGdgzGM_3BIeBRYysEr8h64wB-npcQ==

GET
H2 200 9789.png
images.fotmob.com/image_resources/logo/teamlogo/ 10 KB
10 KB 37ms
37ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/9789.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c930671e4ab37e34399dc4be981158bb8d3957e8c82ecefaf8f71a6197db142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-cache-control: max-age=2592000
date: Sun, 26 Nov 2023 16:01:54 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 10:28:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 879523
etag: "116622ee77a362fed42b6b077eafc334"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 9731
x-amz-cf-id: dsrWJMLm8q9-3nOAP4eeImyngzarWewyTpzmrDVEayNlChWSVkwbIw==

GET
H2 200 10269.png
images.fotmob.com/image_resources/logo/teamlogo/ 12 KB
13 KB 41ms
41ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/10269.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7aeb5df6c1ba0e44674657f1399139bb0ab0737376d10c7b4b60b4fa2a0dd109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:20:17 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 13:26:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1382420
etag: "eaa721bd88c8e73998794de9eccd42a2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 12415
x-amz-cf-id: OWcMa_qmdu8VpIdR0Gt-F_U7hPQ-skLEhzn_yEH6_buzu7_PgLxpVw==

GET
H2 200 8455.png
images.fotmob.com/image_resources/logo/teamlogo/ 13 KB
14 KB 47ms
47ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/8455.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be5014997cfd0c5933ce9cba77979fc3fc9fd941fd14de7759def6ccadcedf24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 06:49:16 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Sun, 30 Jul 2023 17:35:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1603881
etag: "c7a4f01e8f07bdca51a67f6426d273cc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: must-revalidate, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 13750
x-amz-cf-id: nJOQUyJMYorJsz5eYC1bzh4GcxqCEc6iI6HreOAzQMn791sNgt0_Mg==

GET
H2 200 10260.png
images.fotmob.com/image_resources/logo/teamlogo/ 15 KB
16 KB 51ms
51ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/10260.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fb036da25b891ee8717d39d7be59e460dccda4d2ba1a486a4ad3022049fd075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-cache-control: max-age=2592000
date: Tue, 28 Nov 2023 01:29:44 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Tue, 10 Sep 2019 11:37:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 759053
etag: "195b175cab7cbe3bc1bf6f23a3566d3c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 15616
x-amz-cf-id: 20p54r4DTxT-kaxNmWlom0NyJiYpkukgJvfX_qDQBO1B4gvzTxNkHA==

GET
H2 200 8456.png
images.fotmob.com/image_resources/logo/teamlogo/ 14 KB
15 KB 55ms
55ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/8456.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bbb9988b5f64e410f01c03fda12858dd273ba0166da2dbb098b0ca4deb8e30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 17:51:09 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2019 06:41:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1909768
etag: "3fa72e8cc7685a2c2e435d253d4b04b7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 14739
x-amz-cf-id: a_3hAj9C7v1FWTyyMSWa_q3mXaKVMB2uLi8M3OqsO-HeKOo5BpchCw==

GET
H2 200 10252.png
images.fotmob.com/image_resources/logo/teamlogo/ 10 KB
10 KB 60ms
60ms Image
image/png 13.32.27.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/10252.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10b3cf36771fc6dab4d3f9f3841220c6330c5791ca7ad69ac099ab59e08ca251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:36:39 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Sun, 09 Jul 2023 22:02:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 2313838
etag: "e19add3484d56ef2732cf1b071bfe706"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: must-revalidate, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 10220
x-amz-cf-id: tpl9xdI91hObLNAS_DwCNmqX7taIIjTpjiXA0CZc7KXtUpX0-zQ8_g==

GET
H/1.1 403
Forbidden invoke.js
hzr0dm28m17c.com/1be28071cb8484a1053cd220bc9652dd/ 0
0 573ms
117ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hzr0dm28m17c.com/1be28071cb8484a1053cd220bc9652dd/invoke.js
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 20:20:36 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 download%20(2).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhusedq1TM61VbTwKWxb3-gTCkRmY1N11fzs7mhgL_pGG6d5c-nW8KEghlDxUvbhaTHK-GtcUD8S_J7Cb1UNgkMyifaxxThekvG0GNCsucC0Rhgz_lh43_2fHKmc8LAMQQyxPr5361-2P_Dknnc... 5 KB
5 KB 487ms
297ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhusedq1TM61VbTwKWxb3-gTCkRmY1N11fzs7mhgL_pGG6d5c-nW8KEghlDxUvbhaTHK-GtcUD8S_J7Cb1UNgkMyifaxxThekvG0GNCsucC0Rhgz_lh43_2fHKmc8LAMQQyxPr5361-2P_Dknnc5FBVoZAW14xN8lhOUCKFwLjOkPuX-3gmjvQmPMNfTkf7/s320/download%20(2).png

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

56cc5c753fac681d45b9ef305197694b57e3690d5257f2576274fdbd45f96cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
x-content-type-options: nosniff
server: fife
etag: "vaad"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="download (2).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5100
x-xss-protection: 0
expires: Thu, 07 Dec 2023 20:20:36 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 40ms
39ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 746658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aXD0VZCb3OePmcujyiZSHAi%2FQSQl%2F413Ffb2ck9jQJWiNxC5CUl6326z9fwAgnOkOSkIWe2%2FnxpqdG0xh31%2FV8tIHrk210KfQ%2F61J2UpFlgvlZGjOScj5LLxkBRN%2BG2BCnrSy%2B57FOgAKhs89lHmAHg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83173afd9ba23bbf-WAW
expires: Mon, 25 Nov 2024 20:20:36 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 13 KB
14 KB 72ms
39ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.footem.site/
Origin: https://www.footem.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 654595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13548
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-34ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2MtHo3%2Flgcfnt98Rcn7Oh5aItIXR2mp%2BmQHfZrKbWjRrT7tzX9U4xM9%2FeBVPDKdvfQcMFTYkHBM8IAb%2BywdMhrjCK034XnZ56rsNCvsuFTu%2BdqI91fuXo%2FVJCeRQE8nT8lTRs7M6Fvv7E2n4Wykokxp"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83173afddd41bff5-WAW
expires: Mon, 25 Nov 2024 20:20:36 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v2/ 36 KB
36 KB 260ms
76ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v2/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f2ff871cd7f284064ca188d22dd0b8f2abb173b4f3cb03a7487d23717273021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.footem.site/
Origin: https://www.footem.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options: nosniff
age: 127632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36740
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:37:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:53:24 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 77 KB
77 KB 103ms
70ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.footem.site/
Origin: https://www.footem.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 561138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78460
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-1327c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clbXZ6W4OH9vsSoo06QT4hwK3%2FUwCYa6f3ps1X9DYovyETUUY0dzZI%2B2BI1zBG3jnN9ZKqO6s5%2FEwu0bu57SU%2B1hD3aKscnrIEomYbp4Qc8LeGRGNwAZzINbV223k1a6WaJals2AD8KDVQ5tE9BmE3r3"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83173afddd43bff5-WAW
expires: Mon, 25 Nov 2024 20:20:36 GMT

GET
H2 200 mm1ten.js Show response
raw.githack.com/rzn076/asd/codes/ 50 KB
18 KB 219ms
44ms Script
application/javascript 2606:4700:3038::6815:eae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githack.com/rzn076/asd/codes/mm1ten.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d851ea913ba751ce5ca5bd6b03f24e84bb33a9568dbe869d602209416c5dd34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id: 13996c532e379d401f1f380a818a4efd189f4ba8
date: Wed, 06 Dec 2023 20:20:36 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24
content-encoding: br
x-cache: HIT
x-cache-hits: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-hel1410023-HEL
server: cloudflare
x-github-request-id: CCC0:3CC3:C4E988:CCF50C:656F4F36
x-timer: S1701796803.618398,VS0,VE204
etag: W/"6864cca62aaa0422c3d35a8f1c9ed3c740070f1e47581341f4ba4a6e976dfea6"
source-age: 0
vary: Authorization,Accept-Encoding,Origin
x-githack-cache-status: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9%2BOu3YPSKRXymljYIfHhrtuUNa0EyOyRiRmmJvjzv13kr0ftqdkMb6oZOhJxx2%2BmI3Q7VWTiEdVZtZovXU4UNk46LfUdDKQBj6CB8eZVQ5%2FZOJP1gpauTgduI8iZYJ9F4ykahZdE0GfcmxUf4Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300, max-age=300, public
x-robots-tag: none
cf-ray: 83173afed82706c0-AMS
expires: Wed, 06 Dec 2023 20:21:06 GMT

GET
H2 200 Footem12Timer.js Show response
raw.githack.com/rzn076/asd/codes/ 36 KB
7 KB 221ms
47ms Script
application/javascript 2606:4700:3038::6815:eae7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githack.com/rzn076/asd/codes/Footem12Timer.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eae7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12e9d389d759c1c5da338104b603b194a42dde9d8ac75276e72562c8308c19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id: 7d2388e9947dbd554550c5a86dfbf6b043e967c8
date: Wed, 06 Dec 2023 20:20:36 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24
content-encoding: br
x-cache: HIT
x-cache-hits: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-hel1410020-HEL
server: cloudflare
x-github-request-id: 9A50:E1B6:4496DE4:47CD1C9:656F2CD3
x-timer: S1701796803.630384,VS0,VE210
etag: W/"1ab5f1a622928b29d508e4f9c0b7b23120ebf4236d77c84333771805e4cd3d5d"
source-age: 0
vary: Authorization,Accept-Encoding,Origin
x-githack-cache-status: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HjeQnWWMOIFaGlr2aVoRdSi6NngucSobO%2BmXGNLo77a%2FZ8VM4rgeq8DZ2qRB%2BEmOtLMM0mrhdLYHnVGlRdat2J2AIT4FmYjHZOrv3zu%2ByBl6Fo%2BCBzl4PXYc90K7bN7mzWfTObj81g5lwdinzQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300, max-age=300, public
x-robots-tag: none
cf-ray: 83173afed82b06c0-AMS
expires: Wed, 06 Dec 2023 20:21:06 GMT

GET
H2 200 cookienotice.js Show response
www.footem.site/js/ 6 KB
2 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.footem.site/js/cookienotice.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 Dec 2023 17:57:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 13 Dec 2023 20:20:36 GMT

GET
H2 200 3754116945-widgets.js Show response
www.blogger.com/static/v1/widgets/ 161 KB
58 KB 273ms
75ms Script
text/javascript 2a00:1450:4001:80f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3754116945-widgets.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38d944d88c98612f76ed693afb143f1c032ca27ba56ec46a6714ab3dc511f974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59286
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 23:28:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 03 Dec 2024 22:03:08 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ 504 KB
202 KB 235ms
76ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.footem.site/
Origin: https://www.footem.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206640
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 01:29:31 GMT

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 78 KB
79 KB 45ms
45ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.footem.site/
Origin: https://www.footem.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2397222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80300
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-139ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zy%2Byn94WuDddKFvFjuCUjfHGTyBjZbrIQpM6A12n5WUFj%2FQ8GzBArYEEgytx6H%2FaiYN71Ue%2FxHKLncQ5fRVmuvKJre%2Ff1xw5sYCdDq09npA8jUVGIJDmhYvhqV9AKZyhh0CJCHqxIPThiy7pIgP8%2FFDe"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83173aff4f77bff5-WAW
expires: Mon, 25 Nov 2024 20:20:36 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 317ms
158ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/auto/footem.site/holid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07d6b66be54519cbc6486ba1311a95c9d497862fdc6c32077672cc9e00476b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30011
x-xss-protection: 0
server: cafe
etag: 285 / 19697 / 31079946 / config-hash: 16835354973066905572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 20:20:36 GMT

GET
H2 200 prebid8.5.0.1.js Show response
ads.holid.io/ 383 KB
119 KB 59ms
58ms Script
application/javascript 2606:4700:e6::ac40:c723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.holid.io/prebid8.5.0.1.js
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/auto/footem.site/holid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e79529cab34e8a3c245f8bbd1b767c5ba3e54dd8a342e6b255c1c2df79b6ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541918
cf-polished: origSize=392864
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Sep 2023 12:53:12 GMT
server: cloudflare
etag: W/"651425b8-5fea0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzQgfWOE8iEb3iHgyRcdokRG%2BapyHBBko8D3ezlaGiwsSqzdhtfopLBm4nTiWnlWeSnkNmuFQMJ%2FVAb6zbKGTNaDUdY3ixjHFMGKfnQZ7l%2FEvk0%2FxpabvYEDfN3aGa9bdPquWz%2FirJLc8AU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 83173b005c010e35-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
63 KB 89ms
88ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-188931075-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5CJ36TGWSE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94db59ade1e62ecba474c27e19e433ea369a8c24d5c009927c99b8d93c3c3026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64862
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 20:20:36 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 166ms
58ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5CJ36TGWSE&gtm=45je3bt0v874592862&_p=1701894036084&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1029087753.1701894037&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701894036&sct=1&seg=0&dl=https%3A%2F%2Fwww.footem.site%2F&dt=FootEM%20%7C%20Football%20In%20Every%20Minute&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1356
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5CJ36TGWSE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 105ms
39ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21afa7199d559d4dfd75da10d23a37752ed1c2636718c556a133dc13ba88fdbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15582
x-jsd-version: 1.0.1896
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230065-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"636-7T+n14p651UDqUUrsjlaf56A4j0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqGqg33zULDYt2m7br21uXQjludK6tK0eUlRouaxV%2Fl3Gk6PbRNWdQO%2Fs%2Bn9L75VJsywiDScsUNd9mHBIS%2Fdy6QmbPnSFWU%2FsH4g0KQazLaix9gsC1CfxnlZOKAKCGDbpP7d8Ec0ESl7Ksw1Ros%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83173b01aa1e70b5-WAW

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
532 B 180ms
72ms XHR
text/plain 37.157.2.230
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 408 B
923 B 217ms
37ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=455578&zone_id=2672282&size_id=2&alt_size_ids=31%2C55%2C57%2C78%2C79%2C145&rp_schain=1.0,1!holid.io,6313,1,,,&eid_pubcid.org=39d58308-6b0d-490e-931c-7b68805f5958%5E1&rf=https%3A%2F%2Fwww.footem.site%2F&kw=Footem7%2Clivekoora%2Cfootemfootball%2Cfootballnews%2Cfootballlive%2Cepicsports%2Csportstrack%2Cyalla-live%2Cfootemsite%2Cfootball%2Csoccer%2Csportstracklive%2Cfootem%2Clivestreaming&tg_i.domain=footem.site&tg_i.page=https%3A%2F%2Fwww.footem.site%2F&tg_i.pbadslot=div-gpt-ad-3962781-2&tk_flint=pbjs_lite_v8.5.0&x_source.tid=3b88bcf5-4593-4286-a3df-ff7d620a2910&l_pb_bid_id=5d24051f46bb88&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e83a39b6-b61b-4db0-89af-b967331f9283&rp_maxbids=1&slots=1&rand=0.9142320568028832
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b969a50f6ad6748da873ca5e57d773cfb7b8b305d3019000f9283f689c7ae4bd

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:36 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 409 B
748 B 218ms
38ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=455578&zone_id=2672300&size_id=2&alt_size_ids=31%2C55%2C57%2C78%2C79%2C145&rp_schain=1.0,1!holid.io,6313,1,,,&eid_pubcid.org=39d58308-6b0d-490e-931c-7b68805f5958%5E1&rf=https%3A%2F%2Fwww.footem.site%2F&kw=Footem7%2Clivekoora%2Cfootemfootball%2Cfootballnews%2Cfootballlive%2Cepicsports%2Csportstrack%2Cyalla-live%2Cfootemsite%2Cfootball%2Csoccer%2Csportstracklive%2Cfootem%2Clivestreaming&tg_i.domain=footem.site&tg_i.page=https%3A%2F%2Fwww.footem.site%2F&tg_i.pbadslot=div-gpt-ad-3962781-11&tk_flint=pbjs_lite_v8.5.0&x_source.tid=3b88bcf5-4593-4286-a3df-ff7d620a2910&l_pb_bid_id=64bb330f23f847&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=191f55a9-75a0-4572-90d6-7b0c71e94ca3&rp_maxbids=1&slots=1&rand=0.4305066592901745
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9f9f2c00132b24e86fdec5c58bb34b5e48cbe7c01ddc17a52ebea09cf6e8b339

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:36 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 409
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
531 B 183ms
78ms XHR
text/plain 37.157.2.230
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 249 B
813 B 106ms
34ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

8df31a9361cb7369eeb0cb75fc04718cc6050501fcaa3c7d7a6c9d26630d20e5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:36 GMT
an-x-request-uuid: fd8d9a9e-cf9c-48ee-a9b7-b9c612fa38df
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.footem.site
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 249
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
helloworld.holid.io/openrtb2/ 13 KB
5 KB 303ms
292ms XHR
application/json 2606:4700:e6::ac40:c723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helloworld.holid.io/openrtb2/auction
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ba1abfe8d84fa5d0a7e86aaf9bbaa3b8c10fdbc4c86cfe9ff83b3cae2e779d

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-prebid: pbs-go/0.275.0
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UW%2FTbEQ9mgUgtANCslSpQxJmu1PIS7vvxfi8uRshFxuq%2B1qW0N4DAgsHo3Rx2sAiWyHOi2H2YtGo1F82Ep3BnR5sRg9Dw9XIVCofpKx8FMf%2Fq5kAJu8nUMyLarto%2BkZ7K6S%2BKdc52AK9dQ0r8tNn8t4i"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83173b016da70e35-AMS
expires: 0

POST
H2 200 auction Show response
helloworld.holid.io/openrtb2/ 271 B
626 B 229ms
219ms XHR
application/json 2606:4700:e6::ac40:c723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helloworld.holid.io/openrtb2/auction
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7708bde88a4a5c13edd6d3e7c28dcee7a381afc0af223ffb1636e163c353dfe9

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Dec 2023 20:20:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-prebid: pbs-go/0.275.0
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gP9S%2FQ3%2FZHZo7L2rhpOvzelyqt%2F3h3TLn1reC1wnACnnreAG2y3fIcAZy5tAj4Su1%2F9ipsRWino1%2Fn7jvMbUe94XpoX2AZ4fSCnwIpaAHdxVgKHCgtyjrtGvdJC%2FMVkmHJZcJ8G%2Bcg3cxutWdNWqJ8F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83173b016da90e35-AMS
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 224ms
72ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-188931075-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 19:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2327
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 06 Dec 2023 21:41:49 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/ 431 KB
135 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 11:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31457
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138089
x-xss-protection: 0
server: cafe
etag: 6648938400208870771
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 05 Dec 2024 11:36:19 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 80ms
79ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2090017999&t=pageview&_s=1&dl=https%3A%2F%2Fwww.footem.site%2F&ul=en-us&de=UTF-8&dt=FootEM%20%7C%20Football%20In%20Every%20Minute&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=712868804&gjid=95287206&cid=1029087753.1701894037&tid=UA-188931075-1&_gid=955293613.1701894037&_r=1&gtm=457e3bt0z8874592862&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1083618484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 75ms
39ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4080
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-ams21047-AMS
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sK3UBAOZ%2BwtC2f6FDAxaIlmz6i4Ax9s1aB7MmZaVoCbmsoYWss10YfoULD6oorz%2FkvXB%2FGXz9l8mdpuC0QMcRU%2BkokWSCBBh6sbOLZpssun3bQ4Z9QO1VluW2oiOgxcjzuPv1UBxFmz9BBvymFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83173b049cff357b-WAW

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 570ms
570ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1142390636813213&correlator=183703454878386&eid=31078987%2C31079234%2C31079946%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fifs&iu_parts=21756427176%2CDefault2%2CDefault11&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C980x300%7C970x250%7C980x120%7C970x90%7C980x250%7C980x150%7C980x240%7C970x120%2C728x90%7C980x300%7C970x250%7C980x120%7C970x90%7C980x250%7C980x150%7C980x240%7C970x120&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701894037177&lmt=1701854105&adxs=315%2C315&adys=98%2C1361&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.footem.site%2F&vis=1&psz=970x0%7C970x0&msz=970x0%7C970x0&fws=4%2C4&ohw=1600%2C1600&ga_vid=1029087753.1701894037&ga_sid=1701894037&ga_hid=2090017999&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYsr2ohsQxSABSAghk&dlt=1701894035971&idt=1173&prev_scp=hb_format_holid%3Dbanner%26hb_size_holid%3D970x250%26hb_pb_holid%3D4.20%26hb_adid_holid%3D161f38a8605b9b4%26hb_bidder_holid%3Dholid%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D4.20%26hb_adid%3D161f38a8605b9b4%26hb_bidder%3Dholid%7C&adks=3152758767%2C3448955163&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf503d1736fc5a303e19bf9e5e2585aec8056cf8ca9a7d3604ef78fa2ae408aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12667
x-xss-protection: 0
google-lineitem-id: 6196654275,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138419879227,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C5DF 6 KB
3 KB 308ms
111ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 20:20:37 GMT
expires: Thu, 05 Dec 2024 20:20:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 291ms
133ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b86e7252b46cb9383680ff576426c8e41f4fb3eb4b2851da8f3706af6ee9291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12432
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3696 0
0 114ms
114ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHEVATmMFZ9-uoA9f-K3WCWX_I81P6K36LPDMX0-_Di_ePiH0cwYM-I-jmdj5qx1u3bFItIucNKJjfUiky9QeZOwNCLxV7SnmkgrYOE7NeVn1wKqB2TOv-g6MkfV035Q7qkTxfCd-MX1MtmAMvXmOVoN-US-6fzesNHmrK70LDuTxVwFbWNRzqIrXQigotc9OvpuOhuXYSM9aQzcH1tmvcaTEsSwcXuHrx65axxYDmfQspX54X0zvKW8uPkWA3mjhNCg7H0EBHlhSxt3hUZnZ7fDKHKnoXW4sx9hVaH44eppq2bYNIhLgd0HzH2H4jDzroGi1Pk-OiFrzKiJuw2SiKfYEpZSpid8zy6ZfJ1Q&sai=AMfl-YRCmq05qcSfjROPIRieY-mxqRbO4eLacoeSsqMEOMkYgCDhPvlcsCUCCafR9z_NpFhL0riL7Pq2pVzYsJGM-mxxxQkYZXjjqiGnA-C621Iz5KWeI1Odd0xXVslggRKPRq759u2RSiUVLqft7oyPIO6DjIvoSzknLVxjuA&sig=Cg0ArKJSzHJpxqQRWFw1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Dec 2023 20:20:37 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 3696 26 KB
10 KB 41ms
40ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3544
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220028-FRA, cache-vie6337-VIE
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aanyvA%2F9Ofg2Aaq8mP9wy3tQZFpR1lGrj7S%2BwLckO%2FxLHezEm6VpmIUuEc3MRPdwP9%2BSQckLAAXrx71bEt88z8MYPR4Wq4DfKwfik%2FFiz7MKg4SJporbg5D9ilrjubwWUPEhBLIHKjeYKbJf9gA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83173b083a86357b-WAW

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3696 202 KB
64 KB 252ms
88ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 20:20:37 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 243ms
85ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 20:20:38 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 3696 95 KB
38 KB 158ms
58ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c4286b5a1606b8f76c136f69043974148e12d6e80d3a1f1178a54c6ab67b7b07

Request headers

Referer: https://www.footem.site/
Origin: https://www.footem.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 06 Dec 2023 20:20:37 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 20:39:18 GMT
vary: Accept-Encoding
x-azure-ref: 20231206T202037Z-2b5pnx82vh1afb7u9pg9yte8nn00000006kg00000000r39s
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 81af1b7f-201e-0021-38f2-26d08f000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 3696 0
534 B 107ms
29ms Image
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QKeCPBMHgQAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPCfMQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDrwMKxQJodHRwczovLwEu8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lZWY1NTJjMS0wZWQzLTRlMmYtYjllMS0zZThlMjVkYmI1Y2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZY5xALhydHlwZT1udXJsJnRhZ0lkPTI4MjE2MTE4JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9EgBX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyMjE2MDYzMTY3NDUxMTc3NzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMzoxYjIwOmI6ZjAxMTo6MWWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgGIBQGYBQCgBeGamJT5scC3AaoFDzEzMjc3ODJlNDFmZmI0OcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBc6bAfoFBAgAEACQBgCYBgC4BgDBBgAAAAABMSTQBsKNBNoGFgoQDTYVAQGdZOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0JEScBJgzaBwYIBQnwcuAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=29a5e21d0acd3c446217cfa3c939d3d6f78ee4a7&pp=0.4104

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:37 GMT
an-x-request-uuid: a998fb43-c8c4-4e31-8dde-00834c1d22cb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 3696 80 KB
27 KB 171ms
49ms Script
application/x-javascript 23.38.80.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-80-182.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 20:20:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Thu, 05 Dec 2024 20:20:37 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 3696
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10

0
545 B

451ms
451ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 167FE28E2A4249D9B2FC6AE1FD5735E8 Ref B: FRAEDGE1409 Ref C: 2023-12-06T20:20:38Z
x-cdn-traceid: 0.9fa12417.1701894038.47162b7
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 06 Dec 2023 20:20:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B03E846999844E6E95601A19E51CDE10 Ref B: DUS30EDGE0920 Ref C: 2023-12-06T20:20:38Z
x-cdn-traceid: 0.9fa12417.1701894038.471616d
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 3696 39 KB
39 KB 138ms
35ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215963591658_1K9DTJQHCYXPMOZ3CK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=379&h=198&qlt=90
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3903e30e4e29b5a1bad20db538aa5d27f7e82bf3e374cc398f68ed182bc3a420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:38 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9fa12417.1701894038.471616c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 39665
alt-svc: h3=":443"; ma=93600

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5EE4 52 KB
17 KB 140ms
38ms Document
text/html 23.38.80.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-80-182.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 06 Dec 2023 20:20:38 GMT
ETag: "623de86a-cf34"
Expires: Thu, 07 Dec 2023 20:20:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 3696 0
533 B 35ms
35ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QLmBPBMZgIAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPD1MQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAzOjFiMjA6YjpmMDExOjoxZagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AS6Ad3QiAUBmAUAoAXhmpiU-bHAtwGqBQ8xMzI3NzgyZTQxZmZiNDnABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALgGAMEGCSQs8D_QBsKNBNoGFgoQCRIZAQGdYOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0VZQEmCNoHBgFe8GwYAOAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=438fdfe5613e0e33103eb0ba1531c6d34a04284d&bdref=https%3A%2F%2Fwww.footem.site%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.footem.site%2F,https%3A%2F%2Fwww.footem.site%2F&

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:38 GMT
an-x-request-uuid: 7f0c2fd1-4262-488d-977e-3ab13fbe8656
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 3696 0
549 B 28ms
28ms Ping
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QKeCPBMHgQAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPCfMQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDrwMKxQJodHRwczovLwEu8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lZWY1NTJjMS0wZWQzLTRlMmYtYjllMS0zZThlMjVkYmI1Y2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZY5xALhydHlwZT1udXJsJnRhZ0lkPTI4MjE2MTE4JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9EgBX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyMjE2MDYzMTY3NDUxMTc3NzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMzoxYjIwOmI6ZjAxMTo6MWWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgGIBQGYBQCgBeGamJT5scC3AaoFDzEzMjc3ODJlNDFmZmI0OcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBc6bAfoFBAgAEACQBgCYBgC4BgDBBgAAAAABMSTQBsKNBNoGFgoQDTYVAQGdZOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0JEScBJgzaBwYIBQnwcuAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=29a5e21d0acd3c446217cfa3c939d3d6f78ee4a7&type=nv&nvt=5&jm=1003&px=315&py=98&bw=478&bh=250&sid=5396984631589268736&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28216118&sw=1600&sh=1200&pw=1600&ph=2442&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:38 GMT
an-x-request-uuid: 84641646-5109-4a75-9531-c47bddc3ddac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.footem.site
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 50EA 13 KB
5 KB 76ms
74ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:26:35 GMT
expires: Thu, 05 Dec 2024 19:26:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F04F 829 B
945 B 86ms
86ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b82dcbd69f814c8ef68ea4aae948779ae3bc124ed3a51f3d461b25d7e881edf6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qr1eTS3zaEzAPPN-NcwlZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Qr1eTS3zaEzAPPN-NcwlZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 20:20:38 GMT
expires: Wed, 06 Dec 2023 20:20:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 5EE4
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11179&pub_id=2238743&gdpr=0
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels%26seller_id%3D11179%26pub_id%3D2238743%26gdpr%3D0

0
647 B

32ms
32ms

Script
text/html

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels%26seller_id%3D11179%26pub_id%3D2238743%26gdpr%3D0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:38 GMT
an-x-request-uuid: ef59ad9e-4ed0-4770-b47c-6b6fe3b71e65
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:38 GMT
an-x-request-uuid: d353dd38-94ff-439b-acc4-c42858e7cd29
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels%26seller_id%3D11179%26pub_id%3D2238743%26gdpr%3D0
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F04F 0
0 272ms
115ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311300101&jk=1142390636813213&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 50EA 39 KB
15 KB 234ms
78ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 10:36:01 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3696 0
0 264ms
114ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuc9Im4igDDC2URSxx7tS2_U8glJSVAQaSPrxxLmIK4UBEKHcp0O4jcfNKBXGanVgWdkN7-Jd86TLwNWW_U6QDolvnfdfOowm60YC09CE7sF59u7YIPe127o1SKjWWwIGXXXZaE6MIOhfgmyJ9N-vojbk6ENWpS3KtpdIJ5YumrkNhf7KShLBbW--GJpFOHYlBF1Y_FYhu16Yhra_p_DTIamUZLocFamWTiy0U6ZQPNhA9RA-ha293Wv2__D-bGUPy56FLTm14XE9gpKUqszm8XhUjrGKGrEkE81or8NmPV3bGB_nprWth1Blp9qX2VloAheFBL7N04xy8pJK7u9Bqb1T5KGeJipcYfXz9fGimW&sai=AMfl-YTBziMjuI1pbPH_HK29uONKok6jmyW92yGxLMnuJ91zgqVL73reGQyJEMIJh6w9OV-kkug9dw-_8E_WKUjHLbduY9oW9x53Z4Kwszn-UqkNPUdrDjZ8ZPT5bfhGXRiPHyFGbpg4MCr8UbH7SH6p0bEUgF5VDSk0Rb9esg&sig=Cg0ArKJSzIYY7MCegFo9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Dec 2023 20:20:38 GMT

GET
DATA 200
OK truncated
/ Frame 3696 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c9beb824465464ef88906b6f8a67d13f8ccca388e30a7c219be65a12dc7cd64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 50EA 0
10 B 77ms
77ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9sYErw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 512ms
512ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1142390636813213&correlator=3797317010675011&eid=31078987%2C31079234%2C31079946%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fifs&iu_parts=21756427176%2CDefault2%2CDefault11&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C980x300%7C970x250%7C980x120%7C970x90%7C980x250%7C980x150%7C980x240%7C970x120%2C728x90%7C980x300%7C970x250%7C980x120%7C970x90%7C980x250%7C980x150%7C980x240%7C970x120&ifi=3&sfv=1-0-40&rcs=1%2C1&eri=1&sc=1&cookie=ID%3D6d48829676ccbf32%3AT%3D1701894037%3ART%3D1701894037%3AS%3DALNI_MamEoSP48jcjr7rLRCpzfbRBuBRfQ&gpic=UID%3D00000d0c926dcea1%3AT%3D1701894037%3ART%3D1701894037%3AS%3DALNI_Mb9IJPmzYQs97sEXMHed9IMBTZBMQ&abxe=1&dt=1701894038521&lmt=1701854105&adxs=315%2C315&adys=98%2C1611&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.footem.site%2F&vis=1&psz=970x250%7C970x0&msz=970x250%7C728x0&fws=4%2C132&ohw=1600%2C1600&ga_vid=1029087753.1701894037&ga_sid=1701894037&ga_hid=2090017999&ga_fc=true&a3p=EjsKCnB1YmNpZC5vcmcSJDM5ZDU4MzA4LTZiMGQtNDkwZS05MzFjLTdiNjg4MDVmNTk1OBiAvqiGxDFIAA..&dlt=1701894035971&idt=1173&prev_scp=hb_format_holid%3Dbanner%26hb_size_holid%3D970x250%26hb_pb_holid%3D4.20%26hb_adid_holid%3D161f38a8605b9b4%26hb_bidder_holid%3Dholid%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D4.20%26hb_adid%3D161f38a8605b9b4%26hb_bidder%3Dholid%7C&adks=3152758767%2C3448955163&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7abe1967de5628b96bc9df106f355be05f00bd96f7efdc910594db25d33fda9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12376
x-xss-protection: 0
google-lineitem-id: 6196654275,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138419879221,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 117ms
116ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311300101&jk=1142390636813213&bg=!VFelVxjNAAY3kmNgF5I7ADQBe5WfOJlHVxXKDYpO-lT_d3b8zgC0ujP2gFLUrcGeq5R5iSE6AVZr9q2QbxqOcP1SceN-AgAAAD5SAAAAAWgBB5kCzmysLng_03UzznEh9bKxAKbedxB4RU7xUEom6r1f5CRI06bg41pySHaNRN6TYOTeMdi0sHP_leeB64RT3VLcivRIDC3EVpgBWPOODZyKecE4jJE6SkxEr0y9bf5T0pmFXl20kzHrJfCt_0GaU3y54IcUxrg-rcsqQT6EBYkNjeP3690R74_JwvSs5OwU30ReZ0dDCRN9D6h3S_fPDVDjP6IRgVY5VkFDkKRxGXgnxgKbY-FbjVNRCzQtWJ1pZeQt_WOnMOpFxRRs2t_917NUQCoECZM4opqB_Ss7_DV7-XqnInL-qqFrUAfTNjiwB0m0KQDAYw0r3l89FjelYoIeLLcgrH6uhqc4mDcZpb4k2zxzNa05nwvW7N8UYhKJ7hWyQzLYybrbLQGx9EZFfzeU4_4-MA_caAGvqm9xtMTxg7ziBc70XIDaDPP-TlwEagfrHzmirHyFA3vgQIfofKLczmOB9nbF0fbLGt88b61jFieu6qJ2AYpxSe0JFEgKNPdU42Pz68w-u4484b9M5HRhk4HO7h1PsMpnST6jeqgjIdD9fT2YQYbjX7RP4dZQGEWaFqCVkXSLzO5VTvjBYe4ZVOkKJsmzp_b2iUxDAGEbAfiyVN-_srhR42vN66TTJLyzLQNdfElzDXsWJNvphY3CSv7VYPNO6DKDFNSDxH9N8dHcnRs4dbzGiVvUGMTuaDxn6Fw0er24j5NRm8Pak1vMl4qcUcxderAhiyYhcY__lCvO14GxunXyNIM0xvO8N5-RkIeYEO00jBjCgFMZhh4PTQEOwYVzU7K7AWFAQF3EJUg2T_QqNUZUHInKVJ2R4lRCOkXl6ddPsaGkI8lCJ2IOnAfGbGq3lhK2gb2GBWTCMBfLdq_yC7_HrehXZPUClSH6TJowFzUBf9w9qtoScZsx2ygO2INFdCnrTrNsBnmo8y9ILI-5LsY9pMZte3EUyX0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET tracking
www.bing.com/api/v1/mediation/ Frame 3696 0
0

POST vevent
fra1-ib.adnxs.com/ Frame 3696 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 3696 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F78 0
0 115ms
115ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8nC7tSl-3ctFRvb3vFTe6qBbRK52hIHu5Tiy0ptmqnxprCAMAduduT4YJMU_0ESvvSCPkkstennbwjFFbFJyYgyRyrxf-F1EwRLRLl4LdBow-QlyWQo2dF-m76vp4raXTE8lKunDJ861CwTVkBAgysLqgVRtsRQ9FejETEcgWBQ6w80Tg0ggyLpi1utMgVZaIE3BIlLWy5c9in2zIS-RJP6tZh860ZwUIWViAvcZFPgd1MBGhfQn6oN2CBWxBMuigSBI-Vi0bxQPPxxrT_TZ1Vr3xmKKbfeCO5THTq_jDRRPZbHZ2-tei0xJ-KkKbolrj-V6vPm4cqTE3t49k20i2TkbBZGw9CR0p-xExmA&sai=AMfl-YRVgPrbJjwPkYQs6kil4XTmH_CHJ_FauWz03IZYG1J0Jsbpd11TfNNGwGdm4MK0rABZ6NPtoY0TkIsXATFsbrTsnZ3N4fwaWr7DYgTxe-aGXILvKAdb7L1q2fI0RDzlz20ES6VpjHsF&sig=Cg0ArKJSzLRIL3dNOGKnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6F78 26 KB
10 KB 39ms
39ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3546
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220028-FRA, cache-vie6337-VIE
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wuEolqDJHSidM0FwloCDY7dS6dNYMfC9jVokmnVAKva6J%2Be%2F14vWnxJ9%2FQlNtfeGXjap6NJhleM%2FcTlwvSYzEC4GAInD%2Bc2q0iXkyb2HOFHGb6vOiq6%2Fr3Sd0IlTif5JpP%2BsIO44XnXXqc2px8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83173b103ed9357b-WAW

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F78 202 KB
64 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 20:20:39 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 6F78 95 KB
38 KB 58ms
57ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c4286b5a1606b8f76c136f69043974148e12d6e80d3a1f1178a54c6ab67b7b07

Request headers

Referer: https://www.footem.site/
Origin: https://www.footem.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 06 Dec 2023 20:20:39 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 20:39:18 GMT
vary: Accept-Encoding
x-azure-ref: 20231206T202039Z-2b5pnx82vh1afb7u9pg9yte8nn00000006kg00000000r3hb
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 81af1b7f-201e-0021-38f2-26d08f000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 6F78 0
648 B 29ms
28ms Image
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:39 GMT
an-x-request-uuid: a709b87c-a9a3-447d-ab4a-16315c89e267
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 6F78 80 KB
27 KB 44ms
44ms Script
application/x-javascript 23.38.80.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-80-182.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 20:20:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Thu, 05 Dec 2024 20:20:39 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 6F78
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10

0
18 B

73ms
73ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 19F4181BC0044809A4533379ACA70628 Ref B: FRA31EDGE0506 Ref C: 2023-12-06T20:20:39Z
x-cdn-traceid: 0.9fa12417.1701894039.4716e0a
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 06 Dec 2023 20:20:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 25FDEF4FCDFE4D6994BC8CD4D2F3FDD5 Ref B: FRAEDGE1109 Ref C: 2023-12-06T20:20:39Z
x-cdn-traceid: 0.9fa12417.1701894039.4716d3b
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H3 200 th
www.bing.com/ Frame 6F78 39 KB
39 KB 39ms
38ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215963591658_1K9DTJQHCYXPMOZ3CK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=379&h=198&qlt=90
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3903e30e4e29b5a1bad20db538aa5d27f7e82bf3e374cc398f68ed182bc3a420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:39 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9fa12417.1701894039.4716d3c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 39665
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A560 52 KB
17 KB 41ms
40ms Document
text/html 23.38.80.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-80-182.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 06 Dec 2023 20:20:39 GMT
ETag: "623de86a-cf34"
Expires: Thu, 07 Dec 2023 20:20:41 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 6F78 0
648 B 29ms
28ms Script
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:39 GMT
an-x-request-uuid: 555f86ad-07b1-4a23-ad42-ed1eea440148
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6F78 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e141c4510eb15b88c7385ca11033c3894f64af128ce03e19f09fe73048ccbbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 6F78 0
664 B 28ms
28ms Ping
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:39 GMT
an-x-request-uuid: dd359788-45f4-4b5e-96fc-44eee3a817e8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.footem.site
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame A560 0
596 B 114ms
114ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11179&pub_id=2238743&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:39 GMT
an-x-request-uuid: 5bc1d4f1-13f8-488b-bec8-2ab1e0c887d0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F78 0
0 112ms
111ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDVb90W6AMWx3MnvsYtJBb-m7b4Z7Zx1MiF0aD_2flWWn9OKy1YfFicdfRYtA26-LahB0bQR1UfPoXjrfYWmyvjtVWxGnbbszjyXBPePjrPO-mpXmvvTaAynq3QhzKPOSiMGmElmcDbjZBgdhBNGiT95llOTmHVe4whFqhpmZukP6LqXm1WuYC2-2er403PReeMMge_q77vK4piuVPr-b61PaoKUUOlAnDiCxerylxLDMxoTmSaoCCsAUM89suaglOLnAEVN3QtTMDDzSFBYcukLXDGKytCHtJsbfLZ-U4aQyHcNb1sKDNU5yaBNWbDpxct9V3WdHqP4824b7BmyhhC_zyKhL9jYmfxDzBlvma&sai=AMfl-YTKsux5D46q1pxhxYLAQUW9Nyux8X3pvGMpcAW7pegbDg908RvewVG-Vn2yEsTElBJnHcoQhnxPFvxvmMSR-6Y39YYOfsZCJ9LRVwo0HJU1jKnAtDieZLKXZwsdXxVJE1YfIJ21a64Q&sig=Cg0ArKJSzEoUFUKo-ZCOEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:20:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Dec 2023 20:20:39 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F809 281 B
555 B 119ms
33ms Document
text/html 88.221.125.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-125-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 06 Dec 2023 20:20:40 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A621 52 KB
17 KB 41ms
41ms Document
text/html 23.38.80.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-80-182.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 06 Dec 2023 20:20:40 GMT
ETag: "623de86a-cf34"
Expires: Thu, 07 Dec 2023 20:20:42 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame A621 0
596 B 33ms
32ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:40 GMT
an-x-request-uuid: 620bb225-ec1c-471d-8156-47d155f3632f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F809 46 KB
13 KB 38ms
38ms Script
text/html 88.221.125.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-125-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ba53c1dbf53755d9f05c72f6864e4d08c09d00e346969f2407eaf6150a4fdbd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 20:20:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Dec 2023 12:56:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59766
Connection: keep-alive
Content-Length: 13236
Expires: Thu, 07 Dec 2023 12:56:46 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame F809 7 B
380 B 141ms
30ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 0c26bf0e0878be6b26493f33577d6373
Expires: 0

GET
H3

200

c.gif
www.bing.com/aes/ Frame 6F78
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=af09e6b5732e40fca3bf4aa3ceecb3a4&tids=15000&med=10

0
18 B

132ms
132ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=af09e6b5732e40fca3bf4aa3ceecb3a4&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3BCE3D63586244189170CEB896B20B51 Ref B: FRAEDGE1917 Ref C: 2023-12-06T20:20:40Z
x-cdn-traceid: 0.9fa12417.1701894040.4717989
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 06 Dec 2023 20:20:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7A9D19419FC4A0EB4C126E692DB8CDF Ref B: FRAEDGE1406 Ref C: 2023-12-06T20:20:40Z
x-cdn-traceid: 0.9fa12417.1701894040.47178c2
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=af09e6b5732e40fca3bf4aa3ceecb3a4&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 6F78 0
664 B 28ms
28ms Ping
text/html 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QKeCPBMHgQAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPCfMQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDrwMKxQJodHRwczovLwEu8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lZWY1NTJjMS0wZWQzLTRlMmYtYjllMS0zZThlMjVkYmI1Y2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZY5xALhydHlwZT1udXJsJnRhZ0lkPTI4MjE2MTE4JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9EgBX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyMjE2MDYzMTY3NDUxMTc3NzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMzoxYjIwOmI6ZjAxMTo6MWWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgGIBQGYBQCgBeGamJT5scC3AaoFDzEzMjc3ODJlNDFmZmI0OcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBc6bAfoFBAgAEACQBgCYBgC4BgDBBgAAAAABMSTQBsKNBNoGFgoQDTYVAQGdZOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0JEScBJgzaBwYIBQnwcuAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=29a5e21d0acd3c446217cfa3c939d3d6f78ee4a7&type=pv&jm=1003&px=315&py=98&bw=478&bh=250&sf=1&sid=5396984631589268736&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28216118&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:40 GMT
an-x-request-uuid: e099d69e-a5ff-406e-b5d7-5e048eae9288
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.footem.site
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame A560 0
596 B 33ms
32ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11179&pub_id=2238743&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:40 GMT
an-x-request-uuid: 26c475cf-fc54-43f1-be28-498646aea878
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6F78 42 B
64 B 115ms
115ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNnBdGCXoStRCwnTS7BG7ZO2TqV3P3eKSZA-6lxM2YOgY79DMd2hPXfAu_wMQxGMmhnoRH514VJk122R6fotjQwgwEOHvl36PFWD1en6uQ0r3wNB-C7q_WNXD_f4IKc0lwek_6mC0uLw&sai=AMfl-YSkhLwgnPJvECKavZ1dOWsPvdZgeVV_hlQM098G1xVRCjvG9Ig&sig=Cg0ArKJSzAsoweUBCxdkEAE&id=lidar2&mcvt=1000&p=98,315,348,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3152758767&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701894039052&rpt=185&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame A621 0
596 B 33ms
32ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 20:20:41 GMT
an-x-request-uuid: b47e0b81-f20d-48d3-9372-db9a77c6af89
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bing.com
URL: https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f-b9e1-3e8e25dbb5cd&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Daf09e6b5732e40fca3bf4aa3ceecb3a4%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=28216118&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=4221606316745117774

Domain: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QKeCPBMHgQAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPCfMQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDrwMKxQJodHRwczovLwEu8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lZWY1NTJjMS0wZWQzLTRlMmYtYjllMS0zZThlMjVkYmI1Y2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZY5xALhydHlwZT1udXJsJnRhZ0lkPTI4MjE2MTE4JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9EgBX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyMjE2MDYzMTY3NDUxMTc3NzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMzoxYjIwOmI6ZjAxMTo6MWWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgGIBQGYBQCgBeGamJT5scC3AaoFDzEzMjc3ODJlNDFmZmI0OcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBc6bAfoFBAgAEACQBgCYBgC4BgDBBgAAAAABMSTQBsKNBNoGFgoQDTYVAQGdZOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0JEScBJgzaBwYIBQnwcuAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=29a5e21d0acd3c446217cfa3c939d3d6f78ee4a7&type=nv&nvt=15&jm=1003&px=315&py=98&bw=478&bh=250&sf=1&sid=5396984631589268736&vd=ct~0|rr~319|dm~90&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28216118&pd=1&d=0.99&id=0&ic=0&d0=1&d25=1&d50=1&d75=1&d100=1&ft=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJOmgLxa2kDSMo75vr8XhdLs8S7H6pZhOVnPbLkhk4yyvZglDSq1qhplv4PX003FxJlxvnE6s63INsiCCYwzYgX61pkc2ugDraOcfztWIL1X9JbOur-34hVw4n-IvfkJ_Gp6iU7Qve0g&sai=AMfl-YR8My01JKFOhanvecU9E4AEZ07F3d-jMCZRUAb-Gip_OOpvoYA&sig=Cg0ArKJSzL3rG92Gy6e_EAE&id=lidartos&mcvt=807&p=98,315,348,1285&mtos=807,807,807,807,807&tos=807,0,0,0,0&v=20231204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3152758767&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1701894037776&rpt=452&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.footem.site/	1970-01-21 02:20:54	Name: _ga_5CJ36TGWSE Value: GS1.1.1701894036.1.0.1701894036.0.0.0
www.footem.site/	1970-01-20 17:28:06	Name: _pbjs_userid_consent_data Value: 3524755945110770
.rubiconproject.com/	1970-01-21 01:30:30	Name: khaos Value: LPU7RN9M-K-HSXR
.rubiconproject.com/	1970-01-21 01:30:30	Name: audit Value: 1\|yQuirGeEF6CM1d8S00ygfAmOsfVVM1TCDevM3UyPj6hcRpQe2lzShnWuG0Y5IK8A0NzdagfBJYamxlq7HjZXGsxuhZpbWKLtZ+b0k0jZ7MO+xUA9sgf/4eNEKcfJxgEB
.footem.site/	1970-01-21 02:20:54	Name: _ga Value: GA1.2.1029087753.1701894037
.footem.site/	1970-01-20 16:46:20	Name: _gid Value: GA1.2.955293613.1701894037
.footem.site/	1970-01-20 16:44:54	Name: _gat_gtag_UA_188931075_1 Value: 1
.footem.site/	1970-01-21 02:06:30	Name: __gads Value: ID=6d48829676ccbf32:T=1701894037:RT=1701894037:S=ALNI_MamEoSP48jcjr7rLRCpzfbRBuBRfQ
.footem.site/	1970-01-21 02:06:30	Name: __gpi Value: UID=00000d0c926dcea1:T=1701894037:RT=1701894037:S=ALNI_Mb9IJPmzYQs97sEXMHed9IMBTZBMQ
.doubleclick.net/	1970-01-21 02:06:30	Name: IDE Value: AHWqTUnuX--f1ntwa6dszPwQOKcsmF0_rGBxp_bmUwIba-TPg9SSaYlNyZ_gZ_x9M4I
.bing.com/	1970-01-21 02:06:30	Name: MUID Value: 070BECF7BE3469BF0271FF28BF9E6893
.adnxs.com/	1970-01-20 18:54:30	Name: uuid2 Value: 7414157351760624962

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rawcdn.githack.com/insnesia/INSSA/e779e059a072e368d201c5f602c9f0543549ac13/ins-devtool.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.footem.site/ Message: Refused to execute script from 'https://rawcdn.githack.com/insnesia/INSSA/e779e059a072e368d201c5f602c9f0543549ac13/ins-devtool.js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://hzr0dm28m17c.com/1be28071cb8484a1053cd220bc9652dd/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.holid.io
adsdk.microsoft.com
adx.adform.net
blogger.googleusercontent.com
cdn.adnxs.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
fra1-ib.adnxs.com
helloworld.holid.io
hzr0dm28m17c.com
ib.adnxs.com
images.fotmob.com
pagead2.googlesyndication.com
raw.githack.com
rawcdn.githack.com
region1.google-analytics.com
securepubads.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
www.bing.com
www.blogger.com
www.footem.site
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
fra1-ib.adnxs.com
pagead2.googlesyndication.com
www.bing.com
13.32.27.56
185.89.210.46
192.243.59.20
2001:4860:4802:34::36
23.38.80.182
2602:803:c003:200::51
2606:4700:3038::6815:eae7
2606:4700::6810:5914
2606:4700::6811:180e
2606:4700:e6::ac40:c723
2620:1ec:46::45
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2009
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::2013
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a02:26f0:3500:1b::1724:a39f
37.157.2.230
37.252.171.85
69.173.144.138
88.221.125.233
00ba1abfe8d84fa5d0a7e86aaf9bbaa3b8c10fdbc4c86cfe9ff83b3cae2e779d
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07d6b66be54519cbc6486ba1311a95c9d497862fdc6c32077672cc9e00476b71
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0c9beb824465464ef88906b6f8a67d13f8ccca388e30a7c219be65a12dc7cd64
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10b3cf36771fc6dab4d3f9f3841220c6330c5791ca7ad69ac099ab59e08ca251
11e4b55a73394ccdfc27b933cf3a25570c689a214ee08953ef27932426759c35
21afa7199d559d4dfd75da10d23a37752ed1c2636718c556a133dc13ba88fdbc
38d944d88c98612f76ed693afb143f1c032ca27ba56ec46a6714ab3dc511f974
3903e30e4e29b5a1bad20db538aa5d27f7e82bf3e374cc398f68ed182bc3a420
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ea0f1ce6a865641c11d2b18aea950a437f62d74ad8edf80411288ae0225753
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b86e7252b46cb9383680ff576426c8e41f4fb3eb4b2851da8f3706af6ee9291
4bf2581a1797321eb95ae5dc00473465fa58e94704ba44b5c64d2ad368c801a4
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cc5c753fac681d45b9ef305197694b57e3690d5257f2576274fdbd45f96cbc
5e141c4510eb15b88c7385ca11033c3894f64af128ce03e19f09fe73048ccbbd
5f2ff871cd7f284064ca188d22dd0b8f2abb173b4f3cb03a7487d23717273021
602226218e1378b2c21234dc86949e30b0883ede3e811149a09e71e833e2ce63
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64687be0ebc03d225dc33d8fd78be938f3b511f4c9dc3bb5a615caa407d5bc2c
6553b434beef8faafed3e14142ba5a1c7b63c85b5c06e4f3ad61951a72380d7d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c930671e4ab37e34399dc4be981158bb8d3957e8c82ecefaf8f71a6197db142
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
7708bde88a4a5c13edd6d3e7c28dcee7a381afc0af223ffb1636e163c353dfe9
78d7bb0b5371e973a752330ab8b3e10e1b79375a4cf0e4053ebb201cd6d3dd17
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7abe1967de5628b96bc9df106f355be05f00bd96f7efdc910594db25d33fda9c
7aeb5df6c1ba0e44674657f1399139bb0ab0737376d10c7b4b60b4fa2a0dd109
7bbb9988b5f64e410f01c03fda12858dd273ba0166da2dbb098b0ca4deb8e30a
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
84f026f169adc5bf989d9c57e5c5701cc54eee22bc6f3ea86e0a48dff9c48616
8d851ea913ba751ce5ca5bd6b03f24e84bb33a9568dbe869d602209416c5dd34
8df31a9361cb7369eeb0cb75fc04718cc6050501fcaa3c7d7a6c9d26630d20e5
8fb036da25b891ee8717d39d7be59e460dccda4d2ba1a486a4ad3022049fd075
94db59ade1e62ecba474c27e19e433ea369a8c24d5c009927c99b8d93c3c3026
9f9f2c00132b24e86fdec5c58bb34b5e48cbe7c01ddc17a52ebea09cf6e8b339
a12e9d389d759c1c5da338104b603b194a42dde9d8ac75276e72562c8308c19a
a2d326e9197c15cee2342aa84195132add35fc836b3750442039a331e110f2c0
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
b1e79529cab34e8a3c245f8bbd1b767c5ba3e54dd8a342e6b255c1c2df79b6ca
b82dcbd69f814c8ef68ea4aae948779ae3bc124ed3a51f3d461b25d7e881edf6
b969a50f6ad6748da873ca5e57d773cfb7b8b305d3019000f9283f689c7ae4bd
ba53c1dbf53755d9f05c72f6864e4d08c09d00e346969f2407eaf6150a4fdbd6
be5014997cfd0c5933ce9cba77979fc3fc9fd941fd14de7759def6ccadcedf24
bf503d1736fc5a303e19bf9e5e2585aec8056cf8ca9a7d3604ef78fa2ae408aa
c4286b5a1606b8f76c136f69043974148e12d6e80d3a1f1178a54c6ab67b7b07
c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e
d2a2c75062cf6b49b32001aa572899e204b466a6517dee7b41a9e11e90a03b37
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06d4453396f60e0be643140640f8a0e47ad7ff473e9a8a95038abbdfef16d2a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

www.footem.site Open in urlscan Pro 2a00:1450:4001:813::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

93 %HTTPS

72 %IPv6

21 Domains

32 Subdomains

30 IPs

4 Countries

1709 kBTransfer

4153 kBSize

12 Cookies

14 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.footem.site Open in urlscan Pro
2a00:1450:4001:813::2013 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

93 %
HTTPS

72 %
IPv6

21
Domains

32
Subdomains

30
IPs

4
Countries

1709 kB
Transfer

4153 kB
Size

12
Cookies

98 HTTP transactions
3 data transactions