Submitted URL: http://www.footem.site/
Effective URL: https://www.footem.site/
Submission: On December 06 via api from US — Scanned from DE

Summary

This website contacted 30 IPs in 4 countries across 21 domains to perform 98 HTTP transactions. The main IP is 2a00:1450:4001:813::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.footem.site.
TLS certificate: Issued by GTS CA 1D4 on October 13th 2023. Valid for: 3 months.
This is the only time www.footem.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:e6:... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
12 13.32.27.56 16509 (AMAZON-02)
1 192.243.59.20 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 37.157.2.230 198622 (ADFORM)
2 2602:803:c003... 26667 (RUBICONPR...)
1 7 185.89.210.46 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:46::45 8075 (MICROSOFT...)
7 37.252.171.85 29990 (ASN-APPNEX)
5 23.38.80.182 16625 (AKAMAI-AS)
3 8 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 88.221.125.233 16625 (AKAMAI-AS)
1 69.173.144.138 26667 (RUBICONPR...)
98 30
Apex Domain
Subdomains
Transfer
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
fra1-ib.adnxs.com — Cisco Umbrella Rank: 8028
cdn.adnxs.com — Cisco Umbrella Rank: 1605
acdn.adnxs.com — Cisco Umbrella Rank: 610
115 KB
12 fotmob.com
images.fotmob.com — Cisco Umbrella Rank: 30796
149 KB
9 googlesyndication.com
e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
42 KB
8 bing.com
www.bing.com — Cisco Umbrella Rank: 60
79 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
189 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
214 KB
5 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
16 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
22 KB
4 holid.io
ads.holid.io — Cisco Umbrella Rank: 312653
helloworld.holid.io — Cisco Umbrella Rank: 409896
130 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 githack.com
rawcdn.githack.com — Cisco Umbrella Rank: 77463
raw.githack.com — Cisco Umbrella Rank: 71356
25 KB
3 footem.site
www.footem.site
46 KB
2 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4453
75 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
128 KB
2 adform.net
adx.adform.net — Cisco Umbrella Rank: 4544
1 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
239 KB
2 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12342
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
148 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 11518
58 KB
1 hzr0dm28m17c.com
hzr0dm28m17c.com — Cisco Umbrella Rank: 933045
98 21
Domain Requested by
12 images.fotmob.com www.footem.site
8 www.bing.com 3 redirects www.footem.site
8 securepubads.g.doubleclick.net ads.holid.io
securepubads.g.doubleclick.net
www.footem.site
www.googletagservices.com
7 fra1-ib.adnxs.com ads.holid.io
www.footem.site
cdn.adnxs.com
7 ib.adnxs.com 1 redirects ads.holid.io
acdn.adnxs.com
6 cdnjs.cloudflare.com www.footem.site
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 cdn.jsdelivr.net ads.holid.io
securepubads.g.doubleclick.net
3 acdn.adnxs.com www.footem.site
ads.holid.io
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 www.footem.site 1 redirects www.footem.site
2 eus.rubiconproject.com ads.holid.io
eus.rubiconproject.com
2 cdn.adnxs.com ads.holid.io
2 adsdk.microsoft.com ads.holid.io
2 www.googletagservices.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 helloworld.holid.io ads.holid.io
2 fastlane.rubiconproject.com ads.holid.io
2 adx.adform.net ads.holid.io
2 raw.githack.com www.footem.site
2 blogger.googleusercontent.com www.footem.site
2 www.googletagmanager.com www.footem.site
www.googletagmanager.com
2 ads.holid.io www.footem.site
ads.holid.io
2 www.google.com www.footem.site
tpc.googlesyndication.com
1 token.rubiconproject.com eus.rubiconproject.com
1 e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 www.blogger.com www.footem.site
1 fonts.gstatic.com www.footem.site
1 hzr0dm28m17c.com www.footem.site
1 rawcdn.githack.com www.footem.site
98 32
Subject Issuer Validity Valid
www.footem.site
GTS CA 1D4
2023-10-13 -
2024-01-11
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
holid.io
GTS CA 1P5
2023-12-03 -
2024-03-02
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
githack.com
GTS CA 1P5
2023-11-04 -
2024-02-02
3 months crt.sh
*.fotmob.com
Amazon RSA 2048 M02
2023-02-21 -
2024-02-08
a year crt.sh
hzr0dm28m17c.com
R3
2023-10-13 -
2024-01-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.blogger.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02
2023-10-11 -
2024-04-08
6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2023-08-24 -
2024-08-24
a year crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05
2023-10-18 -
2024-06-27
8 months crt.sh

This page contains 10 frames:

Primary Page: https://www.footem.site/
Frame ID: E337BA423F53230EDA43E017BB425204
Requests: 54 HTTP requests in this frame

Frame: https://e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C5DFAE18FCE998E0A5BFB06045F0D590
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHEVATmMFZ9-uoA9f-K3WCWX_I81P6K36LPDMX0-_Di_ePiH0cwYM-I-jmdj5qx1u3bFItIucNKJjfUiky9QeZOwNCLxV7SnmkgrYOE7NeVn1wKqB2TOv-g6MkfV035Q7qkTxfCd-MX1MtmAMvXmOVoN-US-6fzesNHmrK70LDuTxVwFbWNRzqIrXQigotc9OvpuOhuXYSM9aQzcH1tmvcaTEsSwcXuHrx65axxYDmfQspX54X0zvKW8uPkWA3mjhNCg7H0EBHlhSxt3hUZnZ7fDKHKnoXW4sx9hVaH44eppq2bYNIhLgd0HzH2H4jDzroGi1Pk-OiFrzKiJuw2SiKfYEpZSpid8zy6ZfJ1Q&sai=AMfl-YRCmq05qcSfjROPIRieY-mxqRbO4eLacoeSsqMEOMkYgCDhPvlcsCUCCafR9z_NpFhL0riL7Pq2pVzYsJGM-mxxxQkYZXjjqiGnA-C621Iz5KWeI1Odd0xXVslggRKPRq759u2RSiUVLqft7oyPIO6DjIvoSzknLVxjuA&sig=Cg0ArKJSzHJpxqQRWFw1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 36966ECD979E51132454DA1E8346C301
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743
Frame ID: 5EE415F57E501B5DABD215351B015A29
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 50EAE25811F5A3921F9CD79027FB0F27
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F04F8F5BE05958D9962C9ED7CF048974
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8nC7tSl-3ctFRvb3vFTe6qBbRK52hIHu5Tiy0ptmqnxprCAMAduduT4YJMU_0ESvvSCPkkstennbwjFFbFJyYgyRyrxf-F1EwRLRLl4LdBow-QlyWQo2dF-m76vp4raXTE8lKunDJ861CwTVkBAgysLqgVRtsRQ9FejETEcgWBQ6w80Tg0ggyLpi1utMgVZaIE3BIlLWy5c9in2zIS-RJP6tZh860ZwUIWViAvcZFPgd1MBGhfQn6oN2CBWxBMuigSBI-Vi0bxQPPxxrT_TZ1Vr3xmKKbfeCO5THTq_jDRRPZbHZ2-tei0xJ-KkKbolrj-V6vPm4cqTE3t49k20i2TkbBZGw9CR0p-xExmA&sai=AMfl-YRVgPrbJjwPkYQs6kil4XTmH_CHJ_FauWz03IZYG1J0Jsbpd11TfNNGwGdm4MK0rABZ6NPtoY0TkIsXATFsbrTsnZ3N4fwaWr7DYgTxe-aGXILvKAdb7L1q2fI0RDzlz20ES6VpjHsF&sig=Cg0ArKJSzLRIL3dNOGKnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6F78C3F9532B43AD042D2B8F271E9F45
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743
Frame ID: A56082168AA8784F902C99B22AD0B49F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F8090F10093D83352449D799D939E206
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A621A8577BCD42E5DF7BDECB127697A1
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

FootEM | Football In Every MinuteFootEM | Football In Every Minute

Page URL History Show full URLs

  1. http://www.footem.site/ HTTP 301
    https://www.footem.site/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

98
Requests

93 %
HTTPS

72 %
IPv6

21
Domains

32
Subdomains

30
IPs

4
Countries

1709 kB
Transfer

4153 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.footem.site/ HTTP 301
    https://www.footem.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f-b9e1-3e8e25dbb5cd&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Daf09e6b5732e40fca3bf4aa3ceecb3a4%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28216118&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=4221606316745117774 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
Request Chain 65
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11179&pub_id=2238743&gdpr=0 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels%26seller_id%3D11179%26pub_id%3D2238743%26gdpr%3D0
Request Chain 82
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f-b9e1-3e8e25dbb5cd&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Daf09e6b5732e40fca3bf4aa3ceecb3a4%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28216118&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=4221606316745117774 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
Request Chain 95
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f-b9e1-3e8e25dbb5cd&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Daf09e6b5732e40fca3bf4aa3ceecb3a4%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=28216118&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=4221606316745117774 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=af09e6b5732e40fca3bf4aa3ceecb3a4&tids=15000&med=10

98 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.footem.site/
Redirect Chain
  • http://www.footem.site/
  • https://www.footem.site/
199 KB
43 KB
Document
General
Full URL
https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f06d4453396f60e0be643140640f8a0e47ad7ff473e9a8a95038abbdfef16d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
43937
content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 20:20:35 GMT
etag
W/"e898cd978f162ec42f80a82f4002a7ecf2f5c9289eb2f6a9901f7bfb6d221855"
expires
Wed, 06 Dec 2023 20:20:35 GMT
last-modified
Wed, 06 Dec 2023 09:15:05 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
172
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Dec 2023 20:20:35 GMT
Expires
Wed, 06 Dec 2023 20:20:35 GMT
Location
https://www.footem.site/
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
78d7bb0b5371e973a752330ab8b3e10e1b79375a4cf0e4053ebb201cd6d3dd17
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 06 Dec 2023 20:20:36 GMT
holid.js
ads.holid.io/auto/footem.site/
35 KB
5 KB
Script
General
Full URL
https://ads.holid.io/auto/footem.site/holid.js
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf2581a1797321eb95ae5dc00473465fa58e94704ba44b5c64d2ad368c801a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
472348
cf-polished
origSize=78392
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 16 Oct 2023 12:01:03 GMT
server
cloudflare
etag
W/"652d25ff-13238"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsmxFxZKJq69jXWJEXPFvKJlNR22Pd546ZUSAg7SLLZM1%2FbLUpvERrqfQ7DOqUwqiCS8UFe01QG4FQX86I6dv67%2BFFHUdt0eLzbepP3I2ELPRM7bv6%2Fp1YkHXhAM3Ns3yy4itooBavzf6AA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200, s-maxage=691200
cf-ray
83173afd7f720e35-AMS
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
483799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGbtZnuXez3ngc1Mc1jeTiLvjtMOgSsxhSCVuliDmAid6zJELZuVzFWxz3n4VxAm%2FS5z%2Bo7MXXKB42jUvI1xcMnmz9xezk3zQqqwHN1sZUMyiyjk9P2Ll48ySphfgndilAghKojZwDjf0jlh7WWRRt7Y"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83173afd5b1b3bbf-WAW
expires
Mon, 25 Nov 2024 20:20:36 GMT
fontawesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/
57 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/fontawesome.min.css
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1313143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10256
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e238"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcckXI470sbJIqLdeNTWWUc28G5k80E0JqrDUsri7oQ5ZPKyO51vkPGmrjZnMnfrkiIVaGaa0nWIBbkCuFDTUHG0Z0pluW66O6gZoSO2a8%2B80NQ2cobtFk9kQ%2F8d8i%2BpMJw2eqgIo8G56lPe1u9EJnyS"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83173afd5b203bbf-WAW
expires
Mon, 25 Nov 2024 20:20:36 GMT
js
www.googletagmanager.com/gtag/
244 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5CJ36TGWSE
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2a2c75062cf6b49b32001aa572899e204b466a6517dee7b41a9e11e90a03b37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86524
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 06 Dec 2023 20:20:36 GMT
AVvXsEjFnchNph1LwH922yXiuXv8LEqyL_LTdUoE5sHnFlxsDFJU-fYuypV3RPEVfvV6uJNruRG1_639moP3LWjg43iUnFy5-fTCr-xrXpugYpNv3IsNUpEZ5ZnfgGyaL2Cw91IcXpSHFOpmPI0czETe2D-ARHW9uYhrwuwd8HMjjDSWtvce5R9_P2lot-jzXw=s176
blogger.googleusercontent.com/img/a/
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjFnchNph1LwH922yXiuXv8LEqyL_LTdUoE5sHnFlxsDFJU-fYuypV3RPEVfvV6uJNruRG1_639moP3LWjg43iUnFy5-fTCr-xrXpugYpNv3IsNUpEZ5ZnfgGyaL2Cw91IcXpSHFOpmPI0czETe2D-ARHW9uYhrwuwd8HMjjDSWtvce5R9_P2lot-jzXw=s176
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
64687be0ebc03d225dc33d8fd78be938f3b511f4c9dc3bb5a615caa407d5bc2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
x-content-type-options
nosniff
server
fife
etag
"v838"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Footem-2.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4374
x-xss-protection
0
expires
Thu, 07 Dec 2023 20:20:36 GMT
ins-devtool.js
rawcdn.githack.com/insnesia/INSSA/e779e059a072e368d201c5f602c9f0543549ac13/
0
0
Script
General
Full URL
https://rawcdn.githack.com/insnesia/INSSA/e779e059a072e368d201c5f602c9f0543549ac13/ins-devtool.js
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id
688170e58b569b32ba9520f6b12da7b1b4d9c662
date
Wed, 06 Dec 2023 20:20:36 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30
x-cache
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14
x-served-by
cache-hel1410033-HEL
server
cloudflare
x-github-request-id
AA10:123CE:5023BE:52AFAB:6570D6AC
x-timer
S1701893806.702114,VS0,VE146
source-age
0
vary
Authorization,Accept-Encoding,Origin
x-githack-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aE8mgexPIq%2FGsAD%2F6z%2FXRFk2QAwCOu0aEVN8NpquD8Co%2BadWZ3snuqA5EjMeRulK%2BTqa%2Fsgex9wYw25p%2FpJTvT992cbxZp%2BcRNvvkXUVSJbnnDi%2BNsb6Saw1n67R22vJA%2B%2BZyz1TMoVtpWIrbnWAXG4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=300, public
cf-ray
83173afedca9670f-AMS
x-cache-hits
0
578653.png
images.fotmob.com/image_resources/logo/teamlogo/
10 KB
10 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/578653.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11e4b55a73394ccdfc27b933cf3a25570c689a214ee08953ef27932426759c35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 15:30:40 GMT
x-amz-meta-cache-control
max-age=2592000
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Tue, 29 Oct 2019 10:02:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1399797
etag
"66b8cc4ba34015afbc0ce6d865c25e82"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
10059
x-amz-cf-id
l5Q8eP6AhSp4tPjyvmqzB_ZzM4IGphZ8o05DrHaprjbKCIkNVCeNnA==
578651.png
images.fotmob.com/image_resources/logo/teamlogo/
10 KB
11 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/578651.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84f026f169adc5bf989d9c57e5c5701cc54eee22bc6f3ea86e0a48dff9c48616

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 08:25:08 GMT
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Sun, 16 Jul 2023 13:25:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1079729
etag
"84923bedc5cc80ce3206e1bed4cbbe25"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
must-revalidate, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
10708
x-amz-cf-id
T2Hoepk1F8YQJahuRZ1ykaMSTMNBKVQWBum4jiceQrCnLWG8899o2g==
8650.png
images.fotmob.com/image_resources/logo/teamlogo/
13 KB
13 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/8650.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
602226218e1378b2c21234dc86949e30b0883ede3e811149a09e71e833e2ce63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 23:42:18 GMT
x-amz-meta-cache-control
max-age=2592000
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Mon, 09 Sep 2019 07:14:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
938299
etag
"68f243b68d72435378988018c59c864c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
13350
x-amz-cf-id
LHNR4XPHv9IkE5cvokmLKUnM_p3xcFC9ltzRYb2E3P1n17y4b1oZQw==
8657.png
images.fotmob.com/image_resources/logo/teamlogo/
11 KB
11 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/8657.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6553b434beef8faafed3e14142ba5a1c7b63c85b5c06e4f3ad61951a72380d7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 20:03:28 GMT
x-amz-meta-cache-control
max-age=2592000
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Fri, 09 Aug 2019 07:14:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1124229
etag
"49c8f652cf326683b00b2f10c8269440"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
11179
x-amz-cf-id
gt90mXft8szoozJzkG9wSlvX7GzsyOyRHJBqXgKVgCJ9cMGM_Fca0Q==
9937.png
images.fotmob.com/image_resources/logo/teamlogo/
14 KB
15 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/9937.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40ea0f1ce6a865641c11d2b18aea950a437f62d74ad8edf80411288ae0225753

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:57:31 GMT
x-amz-meta-cache-control
max-age=2592000
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Dec 2018 10:30:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
2312586
etag
"a1fc1cec337dc52e6ec144d61310f11b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
14576
x-amz-cf-id
EJ__ye-in62GSlNzwWtrdTLAUqzDR6kr4zt609ev4K8fnXOumz5hMw==
10204.png
images.fotmob.com/image_resources/logo/teamlogo/
11 KB
12 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/10204.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2d326e9197c15cee2342aa84195132add35fc836b3750442039a331e110f2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 15:57:26 GMT
x-amz-meta-cache-control
max-age=2592000
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Dec 2018 10:31:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1916591
etag
"b3890571378e2cc210e928d9bf409f02"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
11611
x-amz-cf-id
qr08wsHvLiYjvTjh9Tyf8tRrtGdgzGM_3BIeBRYysEr8h64wB-npcQ==
9789.png
images.fotmob.com/image_resources/logo/teamlogo/
10 KB
10 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/9789.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c930671e4ab37e34399dc4be981158bb8d3957e8c82ecefaf8f71a6197db142

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-cache-control
max-age=2592000
date
Sun, 26 Nov 2023 16:01:54 GMT
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Dec 2018 10:28:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
879523
etag
"116622ee77a362fed42b6b077eafc334"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
9731
x-amz-cf-id
dsrWJMLm8q9-3nOAP4eeImyngzarWewyTpzmrDVEayNlChWSVkwbIw==
10269.png
images.fotmob.com/image_resources/logo/teamlogo/
12 KB
13 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/10269.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7aeb5df6c1ba0e44674657f1399139bb0ab0737376d10c7b4b60b4fa2a0dd109

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 20:20:17 GMT
x-amz-meta-cache-control
max-age=2592000
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Dec 2018 13:26:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1382420
etag
"eaa721bd88c8e73998794de9eccd42a2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
12415
x-amz-cf-id
OWcMa_qmdu8VpIdR0Gt-F_U7hPQ-skLEhzn_yEH6_buzu7_PgLxpVw==
8455.png
images.fotmob.com/image_resources/logo/teamlogo/
13 KB
14 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/8455.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be5014997cfd0c5933ce9cba77979fc3fc9fd941fd14de7759def6ccadcedf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 06:49:16 GMT
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Sun, 30 Jul 2023 17:35:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1603881
etag
"c7a4f01e8f07bdca51a67f6426d273cc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
must-revalidate, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
13750
x-amz-cf-id
nJOQUyJMYorJsz5eYC1bzh4GcxqCEc6iI6HreOAzQMn791sNgt0_Mg==
10260.png
images.fotmob.com/image_resources/logo/teamlogo/
15 KB
16 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/10260.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fb036da25b891ee8717d39d7be59e460dccda4d2ba1a486a4ad3022049fd075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-cache-control
max-age=2592000
date
Tue, 28 Nov 2023 01:29:44 GMT
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 11:37:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
759053
etag
"195b175cab7cbe3bc1bf6f23a3566d3c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
15616
x-amz-cf-id
20p54r4DTxT-kaxNmWlom0NyJiYpkukgJvfX_qDQBO1B4gvzTxNkHA==
8456.png
images.fotmob.com/image_resources/logo/teamlogo/
14 KB
15 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/8456.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bbb9988b5f64e410f01c03fda12858dd273ba0166da2dbb098b0ca4deb8e30a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 17:51:09 GMT
x-amz-meta-cache-control
max-age=2592000
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Tue, 14 May 2019 06:41:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1909768
etag
"3fa72e8cc7685a2c2e435d253d4b04b7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
14739
x-amz-cf-id
a_3hAj9C7v1FWTyyMSWa_q3mXaKVMB2uLi8M3OqsO-HeKOo5BpchCw==
10252.png
images.fotmob.com/image_resources/logo/teamlogo/
10 KB
10 KB
Image
General
Full URL
https://images.fotmob.com/image_resources/logo/teamlogo/10252.png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10b3cf36771fc6dab4d3f9f3841220c6330c5791ca7ad69ac099ab59e08ca251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:36:39 GMT
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified
Sun, 09 Jul 2023 22:02:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
2313838
etag
"e19add3484d56ef2732cf1b071bfe706"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
must-revalidate, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
10220
x-amz-cf-id
tpl9xdI91hObLNAS_DwCNmqX7taIIjTpjiXA0CZc7KXtUpX0-zQ8_g==
invoke.js
hzr0dm28m17c.com/1be28071cb8484a1053cd220bc9652dd/
0
0
Script
General
Full URL
https://hzr0dm28m17c.com/1be28071cb8484a1053cd220bc9652dd/invoke.js
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 20:20:36 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
download%20(2).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhusedq1TM61VbTwKWxb3-gTCkRmY1N11fzs7mhgL_pGG6d5c-nW8KEghlDxUvbhaTHK-GtcUD8S_J7Cb1UNgkMyifaxxThekvG0GNCsucC0Rhgz_lh43_2fHKmc8LAMQQyxPr5361-2P_Dknnc...
5 KB
5 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhusedq1TM61VbTwKWxb3-gTCkRmY1N11fzs7mhgL_pGG6d5c-nW8KEghlDxUvbhaTHK-GtcUD8S_J7Cb1UNgkMyifaxxThekvG0GNCsucC0Rhgz_lh43_2fHKmc8LAMQQyxPr5361-2P_Dknnc5FBVoZAW14xN8lhOUCKFwLjOkPuX-3gmjvQmPMNfTkf7/s320/download%20(2).png
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
56cc5c753fac681d45b9ef305197694b57e3690d5257f2576274fdbd45f96cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
x-content-type-options
nosniff
server
fife
etag
"vaad"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="download (2).png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5100
x-xss-protection
0
expires
Thu, 07 Dec 2023 20:20:36 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
746658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aXD0VZCb3OePmcujyiZSHAi%2FQSQl%2F413Ffb2ck9jQJWiNxC5CUl6326z9fwAgnOkOSkIWe2%2FnxpqdG0xh31%2FV8tIHrk210KfQ%2F61J2UpFlgvlZGjOScj5LLxkBRN%2BG2BCnrSy%2B57FOgAKhs89lHmAHg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83173afd9ba23bbf-WAW
expires
Mon, 25 Nov 2024 20:20:36 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/
13 KB
14 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.footem.site/
Origin
https://www.footem.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
654595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13548
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-34ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2MtHo3%2Flgcfnt98Rcn7Oh5aItIXR2mp%2BmQHfZrKbWjRrT7tzX9U4xM9%2FeBVPDKdvfQcMFTYkHBM8IAb%2BywdMhrjCK034XnZ56rsNCvsuFTu%2BdqI91fuXo%2FVJCeRQE8nT8lTRs7M6Fvv7E2n4Wykokxp"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83173afddd41bff5-WAW
expires
Mon, 25 Nov 2024 20:20:36 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v2/
36 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v2/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f2ff871cd7f284064ca188d22dd0b8f2abb173b4f3cb03a7487d23717273021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.footem.site/
Origin
https://www.footem.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
age
127632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36740
x-xss-protection
0
last-modified
Fri, 26 Jun 2020 02:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 08:53:24 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/
77 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.footem.site/
Origin
https://www.footem.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
561138
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78460
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-1327c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clbXZ6W4OH9vsSoo06QT4hwK3%2FUwCYa6f3ps1X9DYovyETUUY0dzZI%2B2BI1zBG3jnN9ZKqO6s5%2FEwu0bu57SU%2B1hD3aKscnrIEomYbp4Qc8LeGRGNwAZzINbV223k1a6WaJals2AD8KDVQ5tE9BmE3r3"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83173afddd43bff5-WAW
expires
Mon, 25 Nov 2024 20:20:36 GMT
mm1ten.js
raw.githack.com/rzn076/asd/codes/
50 KB
18 KB
Script
General
Full URL
https://raw.githack.com/rzn076/asd/codes/mm1ten.js
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d851ea913ba751ce5ca5bd6b03f24e84bb33a9568dbe869d602209416c5dd34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id
13996c532e379d401f1f380a818a4efd189f4ba8
date
Wed, 06 Dec 2023 20:20:36 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24
content-encoding
br
x-cache
HIT
x-cache-hits
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-hel1410023-HEL
server
cloudflare
x-github-request-id
CCC0:3CC3:C4E988:CCF50C:656F4F36
x-timer
S1701796803.618398,VS0,VE204
etag
W/"6864cca62aaa0422c3d35a8f1c9ed3c740070f1e47581341f4ba4a6e976dfea6"
source-age
0
vary
Authorization,Accept-Encoding,Origin
x-githack-cache-status
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9%2BOu3YPSKRXymljYIfHhrtuUNa0EyOyRiRmmJvjzv13kr0ftqdkMb6oZOhJxx2%2BmI3Q7VWTiEdVZtZovXU4UNk46LfUdDKQBj6CB8eZVQ5%2FZOJP1gpauTgduI8iZYJ9F4ykahZdE0GfcmxUf4Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=300, max-age=300, public
x-robots-tag
none
cf-ray
83173afed82706c0-AMS
expires
Wed, 06 Dec 2023 20:21:06 GMT
Footem12Timer.js
raw.githack.com/rzn076/asd/codes/
36 KB
7 KB
Script
General
Full URL
https://raw.githack.com/rzn076/asd/codes/Footem12Timer.js
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12e9d389d759c1c5da338104b603b194a42dde9d8ac75276e72562c8308c19a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id
7d2388e9947dbd554550c5a86dfbf6b043e967c8
date
Wed, 06 Dec 2023 20:20:36 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24
content-encoding
br
x-cache
HIT
x-cache-hits
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-hel1410020-HEL
server
cloudflare
x-github-request-id
9A50:E1B6:4496DE4:47CD1C9:656F2CD3
x-timer
S1701796803.630384,VS0,VE210
etag
W/"1ab5f1a622928b29d508e4f9c0b7b23120ebf4236d77c84333771805e4cd3d5d"
source-age
0
vary
Authorization,Accept-Encoding,Origin
x-githack-cache-status
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HjeQnWWMOIFaGlr2aVoRdSi6NngucSobO%2BmXGNLo77a%2FZ8VM4rgeq8DZ2qRB%2BEmOtLMM0mrhdLYHnVGlRdat2J2AIT4FmYjHZOrv3zu%2ByBl6Fo%2BCBzl4PXYc90K7bN7mzWfTObj81g5lwdinzQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=300, max-age=300, public
x-robots-tag
none
cf-ray
83173afed82b06c0-AMS
expires
Wed, 06 Dec 2023 20:21:06 GMT
cookienotice.js
www.footem.site/js/
6 KB
2 KB
Script
General
Full URL
https://www.footem.site/js/cookienotice.js
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Dec 2023 17:57:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 13 Dec 2023 20:20:36 GMT
3754116945-widgets.js
www.blogger.com/static/v1/widgets/
161 KB
58 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/3754116945-widgets.js
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38d944d88c98612f76ed693afb143f1c032ca27ba56ec46a6714ab3dc511f974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59286
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 23:28:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 03 Dec 2024 22:03:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/
504 KB
202 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.footem.site/
Origin
https://www.footem.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 01:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206640
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 01:29:31 GMT
truncated
/
500 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/
78 KB
79 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.footem.site/
Origin
https://www.footem.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2397222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
80300
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-139ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zy%2Byn94WuDddKFvFjuCUjfHGTyBjZbrIQpM6A12n5WUFj%2FQ8GzBArYEEgytx6H%2FaiYN71Ue%2FxHKLncQ5fRVmuvKJre%2Ff1xw5sYCdDq09npA8jUVGIJDmhYvhqV9AKZyhh0CJCHqxIPThiy7pIgP8%2FFDe"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83173aff4f77bff5-WAW
expires
Mon, 25 Nov 2024 20:20:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
91 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/auto/footem.site/holid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07d6b66be54519cbc6486ba1311a95c9d497862fdc6c32077672cc9e00476b71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30011
x-xss-protection
0
server
cafe
etag
285 / 19697 / 31079946 / config-hash: 16835354973066905572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 20:20:36 GMT
prebid8.5.0.1.js
ads.holid.io/
383 KB
119 KB
Script
General
Full URL
https://ads.holid.io/prebid8.5.0.1.js
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/auto/footem.site/holid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1e79529cab34e8a3c245f8bbd1b767c5ba3e54dd8a342e6b255c1c2df79b6ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
541918
cf-polished
origSize=392864
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Sep 2023 12:53:12 GMT
server
cloudflare
etag
W/"651425b8-5fea0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzQgfWOE8iEb3iHgyRcdokRG%2BapyHBBko8D3ezlaGiwsSqzdhtfopLBm4nTiWnlWeSnkNmuFQMJ%2FVAb6zbKGTNaDUdY3ixjHFMGKfnQZ7l%2FEvk0%2FxpabvYEDfN3aGa9bdPquWz%2FirJLc8AU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
83173b005c010e35-AMS
js
www.googletagmanager.com/gtag/
174 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-188931075-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5CJ36TGWSE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94db59ade1e62ecba474c27e19e433ea369a8c24d5c009927c99b8d93c3c3026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64862
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 06 Dec 2023 20:20:36 GMT
collect
region1.google-analytics.com/g/
0
245 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5CJ36TGWSE&gtm=45je3bt0v874592862&_p=1701894036084&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1029087753.1701894037&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701894036&sct=1&seg=0&dl=https%3A%2F%2Fwww.footem.site%2F&dt=FootEM%20%7C%20Football%20In%20Every%20Minute&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1356
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5CJ36TGWSE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.footem.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21afa7199d559d4dfd75da10d23a37752ed1c2636718c556a133dc13ba88fdbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.footem.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15582
x-jsd-version
1.0.1896
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230065-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"636-7T+n14p651UDqUUrsjlaf56A4j0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqGqg33zULDYt2m7br21uXQjludK6tK0eUlRouaxV%2Fl3Gk6PbRNWdQO%2Fs%2Bn9L75VJsywiDScsUNd9mHBIS%2Fdy6QmbPnSFWU%2FsH4g0KQazLaix9gsC1CfxnlZOKAKCGDbpP7d8Ec0ESl7Ksw1Ros%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
83173b01aa1e70b5-WAW
openrtb
adx.adform.net/adx/
0
532 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.footem.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.footem.site
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/
408 B
923 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=455578&zone_id=2672282&size_id=2&alt_size_ids=31%2C55%2C57%2C78%2C79%2C145&rp_schain=1.0,1!holid.io,6313,1,,,&eid_pubcid.org=39d58308-6b0d-490e-931c-7b68805f5958%5E1&rf=https%3A%2F%2Fwww.footem.site%2F&kw=Footem7%2Clivekoora%2Cfootemfootball%2Cfootballnews%2Cfootballlive%2Cepicsports%2Csportstrack%2Cyalla-live%2Cfootemsite%2Cfootball%2Csoccer%2Csportstracklive%2Cfootem%2Clivestreaming&tg_i.domain=footem.site&tg_i.page=https%3A%2F%2Fwww.footem.site%2F&tg_i.pbadslot=div-gpt-ad-3962781-2&tk_flint=pbjs_lite_v8.5.0&x_source.tid=3b88bcf5-4593-4286-a3df-ff7d620a2910&l_pb_bid_id=5d24051f46bb88&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e83a39b6-b61b-4db0-89af-b967331f9283&rp_maxbids=1&slots=1&rand=0.9142320568028832
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b969a50f6ad6748da873ca5e57d773cfb7b8b305d3019000f9283f689c7ae4bd

Request headers

Referer
https://www.footem.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.footem.site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
408
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
409 B
748 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=455578&zone_id=2672300&size_id=2&alt_size_ids=31%2C55%2C57%2C78%2C79%2C145&rp_schain=1.0,1!holid.io,6313,1,,,&eid_pubcid.org=39d58308-6b0d-490e-931c-7b68805f5958%5E1&rf=https%3A%2F%2Fwww.footem.site%2F&kw=Footem7%2Clivekoora%2Cfootemfootball%2Cfootballnews%2Cfootballlive%2Cepicsports%2Csportstrack%2Cyalla-live%2Cfootemsite%2Cfootball%2Csoccer%2Csportstracklive%2Cfootem%2Clivestreaming&tg_i.domain=footem.site&tg_i.page=https%3A%2F%2Fwww.footem.site%2F&tg_i.pbadslot=div-gpt-ad-3962781-11&tk_flint=pbjs_lite_v8.5.0&x_source.tid=3b88bcf5-4593-4286-a3df-ff7d620a2910&l_pb_bid_id=64bb330f23f847&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=191f55a9-75a0-4572-90d6-7b0c71e94ca3&rp_maxbids=1&slots=1&rand=0.4305066592901745
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9f9f2c00132b24e86fdec5c58bb34b5e48cbe7c01ddc17a52ebea09cf6e8b339

Request headers

Referer
https://www.footem.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.footem.site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
409
expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/
0
531 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.footem.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.footem.site
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/
249 B
813 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
8df31a9361cb7369eeb0cb75fc04718cc6050501fcaa3c7d7a6c9d26630d20e5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.footem.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:36 GMT
an-x-request-uuid
fd8d9a9e-cf9c-48ee-a9b7-b9c612fa38df
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.footem.site
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
249
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
helloworld.holid.io/openrtb2/
13 KB
5 KB
XHR
General
Full URL
https://helloworld.holid.io/openrtb2/auction
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00ba1abfe8d84fa5d0a7e86aaf9bbaa3b8c10fdbc4c86cfe9ff83b3cae2e779d

Request headers

Referer
https://www.footem.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-prebid
pbs-go/0.275.0
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UW%2FTbEQ9mgUgtANCslSpQxJmu1PIS7vvxfi8uRshFxuq%2B1qW0N4DAgsHo3Rx2sAiWyHOi2H2YtGo1F82Ep3BnR5sRg9Dw9XIVCofpKx8FMf%2Fq5kAJu8nUMyLarto%2BkZ7K6S%2BKdc52AK9dQ0r8tNn8t4i"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.footem.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83173b016da70e35-AMS
expires
0
auction
helloworld.holid.io/openrtb2/
271 B
626 B
XHR
General
Full URL
https://helloworld.holid.io/openrtb2/auction
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7708bde88a4a5c13edd6d3e7c28dcee7a381afc0af223ffb1636e163c353dfe9

Request headers

Referer
https://www.footem.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 20:20:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-prebid
pbs-go/0.275.0
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gP9S%2FQ3%2FZHZo7L2rhpOvzelyqt%2F3h3TLn1reC1wnACnnreAG2y3fIcAZy5tAj4Su1%2F9ipsRWino1%2Fn7jvMbUe94XpoX2AZ4fSCnwIpaAHdxVgKHCgtyjrtGvdJC%2FMVkmHJZcJ8G%2Bcg3cxutWdNWqJ8F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.footem.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83173b016da90e35-AMS
expires
0
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-188931075-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 06 Dec 2023 19:41:49 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2327
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 06 Dec 2023 21:41:49 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 11:36:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
31457
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138089
x-xss-protection
0
server
cafe
etag
6648938400208870771
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 05 Dec 2024 11:36:19 GMT
collect
www.google-analytics.com/j/
1 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2090017999&t=pageview&_s=1&dl=https%3A%2F%2Fwww.footem.site%2F&ul=en-us&de=UTF-8&dt=FootEM%20%7C%20Football%20In%20Every%20Minute&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=712868804&gjid=95287206&cid=1029087753.1701894037&tid=UA-188931075-1&_gid=955293613.1701894037&_r=1&gtm=457e3bt0z8874592862&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1083618484
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.footem.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.footem.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4080
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-ams21047-AMS
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sK3UBAOZ%2BwtC2f6FDAxaIlmz6i4Ax9s1aB7MmZaVoCbmsoYWss10YfoULD6oorz%2FkvXB%2FGXz9l8mdpuC0QMcRU%2BkokWSCBBh6sbOLZpssun3bQ4Z9QO1VluW2oiOgxcjzuPv1UBxFmz9BBvymFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
83173b049cff357b-WAW
ads
securepubads.g.doubleclick.net/gampad/
30 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1142390636813213&correlator=183703454878386&eid=31078987%2C31079234%2C31079946%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fifs&iu_parts=21756427176%2CDefault2%2CDefault11&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C980x300%7C970x250%7C980x120%7C970x90%7C980x250%7C980x150%7C980x240%7C970x120%2C728x90%7C980x300%7C970x250%7C980x120%7C970x90%7C980x250%7C980x150%7C980x240%7C970x120&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701894037177&lmt=1701854105&adxs=315%2C315&adys=98%2C1361&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.footem.site%2F&vis=1&psz=970x0%7C970x0&msz=970x0%7C970x0&fws=4%2C4&ohw=1600%2C1600&ga_vid=1029087753.1701894037&ga_sid=1701894037&ga_hid=2090017999&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYsr2ohsQxSABSAghk&dlt=1701894035971&idt=1173&prev_scp=hb_format_holid%3Dbanner%26hb_size_holid%3D970x250%26hb_pb_holid%3D4.20%26hb_adid_holid%3D161f38a8605b9b4%26hb_bidder_holid%3Dholid%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D4.20%26hb_adid%3D161f38a8605b9b4%26hb_bidder%3Dholid%7C&adks=3152758767%2C3448955163&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf503d1736fc5a303e19bf9e5e2585aec8056cf8ca9a7d3604ef78fa2ae408aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12667
x-xss-protection
0
google-lineitem-id
6196654275,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138419879227,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.footem.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C5DF
6 KB
3 KB
Document
General
Full URL
https://e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.footem.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 20:20:37 GMT
expires
Thu, 05 Dec 2024 20:20:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311300101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b86e7252b46cb9383680ff576426c8e41f4fb3eb4b2851da8f3706af6ee9291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12432
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3696
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHEVATmMFZ9-uoA9f-K3WCWX_I81P6K36LPDMX0-_Di_ePiH0cwYM-I-jmdj5qx1u3bFItIucNKJjfUiky9QeZOwNCLxV7SnmkgrYOE7NeVn1wKqB2TOv-g6MkfV035Q7qkTxfCd-MX1MtmAMvXmOVoN-US-6fzesNHmrK70LDuTxVwFbWNRzqIrXQigotc9OvpuOhuXYSM9aQzcH1tmvcaTEsSwcXuHrx65axxYDmfQspX54X0zvKW8uPkWA3mjhNCg7H0EBHlhSxt3hUZnZ7fDKHKnoXW4sx9hVaH44eppq2bYNIhLgd0HzH2H4jDzroGi1Pk-OiFrzKiJuw2SiKfYEpZSpid8zy6ZfJ1Q&sai=AMfl-YRCmq05qcSfjROPIRieY-mxqRbO4eLacoeSsqMEOMkYgCDhPvlcsCUCCafR9z_NpFhL0riL7Pq2pVzYsJGM-mxxxQkYZXjjqiGnA-C621Iz5KWeI1Odd0xXVslggRKPRq759u2RSiUVLqft7oyPIO6DjIvoSzknLVxjuA&sig=Cg0ArKJSzHJpxqQRWFw1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Dec 2023 20:20:37 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 3696
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3544
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220028-FRA, cache-vie6337-VIE
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aanyvA%2F9Ofg2Aaq8mP9wy3tQZFpR1lGrj7S%2BwLckO%2FxLHezEm6VpmIUuEc3MRPdwP9%2BSQckLAAXrx71bEt88z8MYPR4Wq4DfKwfik%2FFiz7MKg4SJporbg5D9ilrjubwWUPEhBLIHKjeYKbJf9gA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
83173b083a86357b-WAW
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3696
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 20:20:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Dec 2023 20:20:38 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 3696
95 KB
38 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c4286b5a1606b8f76c136f69043974148e12d6e80d3a1f1178a54c6ab67b7b07

Request headers

Referer
https://www.footem.site/
Origin
https://www.footem.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 06 Dec 2023 20:20:37 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 20:39:18 GMT
vary
Accept-Encoding
x-azure-ref
20231206T202037Z-2b5pnx82vh1afb7u9pg9yte8nn00000006kg00000000r39s
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
81af1b7f-201e-0021-38f2-26d08f000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
it
fra1-ib.adnxs.com/ Frame 3696
0
534 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QKeCPBMHgQAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPCfMQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDrwMKxQJodHRwczovLwEu8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lZWY1NTJjMS0wZWQzLTRlMmYtYjllMS0zZThlMjVkYmI1Y2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZY5xALhydHlwZT1udXJsJnRhZ0lkPTI4MjE2MTE4JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9EgBX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyMjE2MDYzMTY3NDUxMTc3NzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMzoxYjIwOmI6ZjAxMTo6MWWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgGIBQGYBQCgBeGamJT5scC3AaoFDzEzMjc3ODJlNDFmZmI0OcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBc6bAfoFBAgAEACQBgCYBgC4BgDBBgAAAAABMSTQBsKNBNoGFgoQDTYVAQGdZOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0JEScBJgzaBwYIBQnwcuAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=29a5e21d0acd3c446217cfa3c939d3d6f78ee4a7&pp=0.4104
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:37 GMT
an-x-request-uuid
a998fb43-c8c4-4e31-8dde-00834c1d22cb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/240/ Frame 3696
80 KB
27 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-80-182.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 20:20:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Thu, 05 Dec 2024 20:20:37 GMT
c.gif
www.bing.com/aes/ Frame 3696
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
0
545 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Server
2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 167FE28E2A4249D9B2FC6AE1FD5735E8 Ref B: FRAEDGE1409 Ref C: 2023-12-06T20:20:38Z
x-cdn-traceid
0.9fa12417.1701894038.47162b7
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Wed, 06 Dec 2023 20:20:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B03E846999844E6E95601A19E51CDE10 Ref B: DUS30EDGE0920 Ref C: 2023-12-06T20:20:38Z
x-cdn-traceid
0.9fa12417.1701894038.471616d
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
th
www.bing.com/ Frame 3696
39 KB
39 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.7215963591658_1K9DTJQHCYXPMOZ3CK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=379&h=198&qlt=90
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3903e30e4e29b5a1bad20db538aa5d27f7e82bf3e374cc398f68ed182bc3a420

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:38 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.9fa12417.1701894038.471616c
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
39665
alt-svc
h3=":443"; ma=93600
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5EE4
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-80-182.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.footem.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 06 Dec 2023 20:20:38 GMT
ETag
"623de86a-cf34"
Expires
Thu, 07 Dec 2023 20:20:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
rd_log
fra1-ib.adnxs.com/ Frame 3696
0
533 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QLmBPBMZgIAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPD1MQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAzOjFiMjA6YjpmMDExOjoxZagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AS6Ad3QiAUBmAUAoAXhmpiU-bHAtwGqBQ8xMzI3NzgyZTQxZmZiNDnABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALgGAMEGCSQs8D_QBsKNBNoGFgoQCRIZAQGdYOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0VZQEmCNoHBgFe8GwYAOAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=438fdfe5613e0e33103eb0ba1531c6d34a04284d&bdref=https%3A%2F%2Fwww.footem.site%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.footem.site%2F,https%3A%2F%2Fwww.footem.site%2F&
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:38 GMT
an-x-request-uuid
7f0c2fd1-4262-488d-977e-3ab13fbe8656
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 3696
0
549 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QKeCPBMHgQAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPCfMQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDrwMKxQJodHRwczovLwEu8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lZWY1NTJjMS0wZWQzLTRlMmYtYjllMS0zZThlMjVkYmI1Y2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZY5xALhydHlwZT1udXJsJnRhZ0lkPTI4MjE2MTE4JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9EgBX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyMjE2MDYzMTY3NDUxMTc3NzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMzoxYjIwOmI6ZjAxMTo6MWWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgGIBQGYBQCgBeGamJT5scC3AaoFDzEzMjc3ODJlNDFmZmI0OcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBc6bAfoFBAgAEACQBgCYBgC4BgDBBgAAAAABMSTQBsKNBNoGFgoQDTYVAQGdZOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0JEScBJgzaBwYIBQnwcuAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=29a5e21d0acd3c446217cfa3c939d3d6f78ee4a7&type=nv&nvt=5&jm=1003&px=315&py=98&bw=478&bh=250&sid=5396984631589268736&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28216118&sw=1600&sh=1200&pw=1600&ph=2442&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:38 GMT
an-x-request-uuid
84641646-5109-4a75-9531-c47bddc3ddac
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.footem.site
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 50EA
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.footem.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3243
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:26:35 GMT
expires
Thu, 05 Dec 2024 19:26:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F04F
829 B
945 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b82dcbd69f814c8ef68ea4aae948779ae3bc124ed3a51f3d461b25d7e881edf6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qr1eTS3zaEzAPPN-NcwlZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.footem.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Qr1eTS3zaEzAPPN-NcwlZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 20:20:38 GMT
expires
Wed, 06 Dec 2023 20:20:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bounce
ib.adnxs.com/ Frame 5EE4
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11179&pub_id=2238743&gdpr=0
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels%26seller_id%3D11179%26pub_id%3D2238743%26gdpr%3D0
0
647 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels%26seller_id%3D11179%26pub_id%3D2238743%26gdpr%3D0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:38 GMT
an-x-request-uuid
ef59ad9e-4ed0-4770-b47c-6b6fe3b71e65
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:38 GMT
an-x-request-uuid
d353dd38-94ff-439b-acc4-c42858e7cd29
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels%26seller_id%3D11179%26pub_id%3D2238743%26gdpr%3D0
cache-control
no-store, no-cache, private
x-proxy-origin
193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F04F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311300101&jk=1142390636813213&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 50EA
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 10:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
35077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 10:36:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3696
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuc9Im4igDDC2URSxx7tS2_U8glJSVAQaSPrxxLmIK4UBEKHcp0O4jcfNKBXGanVgWdkN7-Jd86TLwNWW_U6QDolvnfdfOowm60YC09CE7sF59u7YIPe127o1SKjWWwIGXXXZaE6MIOhfgmyJ9N-vojbk6ENWpS3KtpdIJ5YumrkNhf7KShLBbW--GJpFOHYlBF1Y_FYhu16Yhra_p_DTIamUZLocFamWTiy0U6ZQPNhA9RA-ha293Wv2__D-bGUPy56FLTm14XE9gpKUqszm8XhUjrGKGrEkE81or8NmPV3bGB_nprWth1Blp9qX2VloAheFBL7N04xy8pJK7u9Bqb1T5KGeJipcYfXz9fGimW&sai=AMfl-YTBziMjuI1pbPH_HK29uONKok6jmyW92yGxLMnuJ91zgqVL73reGQyJEMIJh6w9OV-kkug9dw-_8E_WKUjHLbduY9oW9x53Z4Kwszn-UqkNPUdrDjZ8ZPT5bfhGXRiPHyFGbpg4MCr8UbH7SH6p0bEUgF5VDSk0Rb9esg&sig=Cg0ArKJSzIYY7MCegFo9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Dec 2023 20:20:38 GMT
truncated
/ Frame 3696
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c9beb824465464ef88906b6f8a67d13f8ccca388e30a7c219be65a12dc7cd64

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 50EA
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?9sYErw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1142390636813213&correlator=3797317010675011&eid=31078987%2C31079234%2C31079946%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fifs&iu_parts=21756427176%2CDefault2%2CDefault11&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C980x300%7C970x250%7C980x120%7C970x90%7C980x250%7C980x150%7C980x240%7C970x120%2C728x90%7C980x300%7C970x250%7C980x120%7C970x90%7C980x250%7C980x150%7C980x240%7C970x120&ifi=3&sfv=1-0-40&rcs=1%2C1&eri=1&sc=1&cookie=ID%3D6d48829676ccbf32%3AT%3D1701894037%3ART%3D1701894037%3AS%3DALNI_MamEoSP48jcjr7rLRCpzfbRBuBRfQ&gpic=UID%3D00000d0c926dcea1%3AT%3D1701894037%3ART%3D1701894037%3AS%3DALNI_Mb9IJPmzYQs97sEXMHed9IMBTZBMQ&abxe=1&dt=1701894038521&lmt=1701854105&adxs=315%2C315&adys=98%2C1611&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.footem.site%2F&vis=1&psz=970x250%7C970x0&msz=970x250%7C728x0&fws=4%2C132&ohw=1600%2C1600&ga_vid=1029087753.1701894037&ga_sid=1701894037&ga_hid=2090017999&ga_fc=true&a3p=EjsKCnB1YmNpZC5vcmcSJDM5ZDU4MzA4LTZiMGQtNDkwZS05MzFjLTdiNjg4MDVmNTk1OBiAvqiGxDFIAA..&dlt=1701894035971&idt=1173&prev_scp=hb_format_holid%3Dbanner%26hb_size_holid%3D970x250%26hb_pb_holid%3D4.20%26hb_adid_holid%3D161f38a8605b9b4%26hb_bidder_holid%3Dholid%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D4.20%26hb_adid%3D161f38a8605b9b4%26hb_bidder%3Dholid%7C&adks=3152758767%2C3448955163&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7abe1967de5628b96bc9df106f355be05f00bd96f7efdc910594db25d33fda9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:38 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12376
x-xss-protection
0
google-lineitem-id
6196654275,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138419879221,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.footem.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311300101&jk=1142390636813213&bg=!VFelVxjNAAY3kmNgF5I7ADQBe5WfOJlHVxXKDYpO-lT_d3b8zgC0ujP2gFLUrcGeq5R5iSE6AVZr9q2QbxqOcP1SceN-AgAAAD5SAAAAAWgBB5kCzmysLng_03UzznEh9bKxAKbedxB4RU7xUEom6r1f5CRI06bg41pySHaNRN6TYOTeMdi0sHP_leeB64RT3VLcivRIDC3EVpgBWPOODZyKecE4jJE6SkxEr0y9bf5T0pmFXl20kzHrJfCt_0GaU3y54IcUxrg-rcsqQT6EBYkNjeP3690R74_JwvSs5OwU30ReZ0dDCRN9D6h3S_fPDVDjP6IRgVY5VkFDkKRxGXgnxgKbY-FbjVNRCzQtWJ1pZeQt_WOnMOpFxRRs2t_917NUQCoECZM4opqB_Ss7_DV7-XqnInL-qqFrUAfTNjiwB0m0KQDAYw0r3l89FjelYoIeLLcgrH6uhqc4mDcZpb4k2zxzNa05nwvW7N8UYhKJ7hWyQzLYybrbLQGx9EZFfzeU4_4-MA_caAGvqm9xtMTxg7ziBc70XIDaDPP-TlwEagfrHzmirHyFA3vgQIfofKLczmOB9nbF0fbLGt88b61jFieu6qJ2AYpxSe0JFEgKNPdU42Pz68w-u4484b9M5HRhk4HO7h1PsMpnST6jeqgjIdD9fT2YQYbjX7RP4dZQGEWaFqCVkXSLzO5VTvjBYe4ZVOkKJsmzp_b2iUxDAGEbAfiyVN-_srhR42vN66TTJLyzLQNdfElzDXsWJNvphY3CSv7VYPNO6DKDFNSDxH9N8dHcnRs4dbzGiVvUGMTuaDxn6Fw0er24j5NRm8Pak1vMl4qcUcxderAhiyYhcY__lCvO14GxunXyNIM0xvO8N5-RkIeYEO00jBjCgFMZhh4PTQEOwYVzU7K7AWFAQF3EJUg2T_QqNUZUHInKVJ2R4lRCOkXl6ddPsaGkI8lCJ2IOnAfGbGq3lhK2gb2GBWTCMBfLdq_yC7_HrehXZPUClSH6TJowFzUBf9w9qtoScZsx2ygO2INFdCnrTrNsBnmo8y9ILI-5LsY9pMZte3EUyX0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

tracking
www.bing.com/api/v1/mediation/ Frame 3696
0
0

vevent
fra1-ib.adnxs.com/ Frame 3696
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 3696
0
0

view
securepubads.g.doubleclick.net/pcs/ Frame 6F78
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8nC7tSl-3ctFRvb3vFTe6qBbRK52hIHu5Tiy0ptmqnxprCAMAduduT4YJMU_0ESvvSCPkkstennbwjFFbFJyYgyRyrxf-F1EwRLRLl4LdBow-QlyWQo2dF-m76vp4raXTE8lKunDJ861CwTVkBAgysLqgVRtsRQ9FejETEcgWBQ6w80Tg0ggyLpi1utMgVZaIE3BIlLWy5c9in2zIS-RJP6tZh860ZwUIWViAvcZFPgd1MBGhfQn6oN2CBWxBMuigSBI-Vi0bxQPPxxrT_TZ1Vr3xmKKbfeCO5THTq_jDRRPZbHZ2-tei0xJ-KkKbolrj-V6vPm4cqTE3t49k20i2TkbBZGw9CR0p-xExmA&sai=AMfl-YRVgPrbJjwPkYQs6kil4XTmH_CHJ_FauWz03IZYG1J0Jsbpd11TfNNGwGdm4MK0rABZ6NPtoY0TkIsXATFsbrTsnZ3N4fwaWr7DYgTxe-aGXILvKAdb7L1q2fI0RDzlz20ES6VpjHsF&sig=Cg0ArKJSzLRIL3dNOGKnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6F78
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3546
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220028-FRA, cache-vie6337-VIE
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wuEolqDJHSidM0FwloCDY7dS6dNYMfC9jVokmnVAKva6J%2Be%2F14vWnxJ9%2FQlNtfeGXjap6NJhleM%2FcTlwvSYzEC4GAInD%2Bc2q0iXkyb2HOFHGb6vOiq6%2Fr3Sd0IlTif5JpP%2BsIO44XnXXqc2px8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
83173b103ed9357b-WAW
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6F78
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 20:20:39 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 6F78
95 KB
38 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c4286b5a1606b8f76c136f69043974148e12d6e80d3a1f1178a54c6ab67b7b07

Request headers

Referer
https://www.footem.site/
Origin
https://www.footem.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 06 Dec 2023 20:20:39 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 20:39:18 GMT
vary
Accept-Encoding
x-azure-ref
20231206T202039Z-2b5pnx82vh1afb7u9pg9yte8nn00000006kg00000000r3hb
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
81af1b7f-201e-0021-38f2-26d08f000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
it
fra1-ib.adnxs.com/ Frame 6F78
0
648 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QKeCPBMHgQAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPCfMQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDrwMKxQJodHRwczovLwEu8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lZWY1NTJjMS0wZWQzLTRlMmYtYjllMS0zZThlMjVkYmI1Y2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZY5xALhydHlwZT1udXJsJnRhZ0lkPTI4MjE2MTE4JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9EgBX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyMjE2MDYzMTY3NDUxMTc3NzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMzoxYjIwOmI6ZjAxMTo6MWWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgGIBQGYBQCgBeGamJT5scC3AaoFDzEzMjc3ODJlNDFmZmI0OcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBc6bAfoFBAgAEACQBgCYBgC4BgDBBgAAAAABMSTQBsKNBNoGFgoQDTYVAQGdZOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0JEScBJgzaBwYIBQnwcuAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=29a5e21d0acd3c446217cfa3c939d3d6f78ee4a7&pp=0.4104
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:39 GMT
an-x-request-uuid
a709b87c-a9a3-447d-ab4a-16315c89e267
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/240/ Frame 6F78
80 KB
27 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-80-182.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 20:20:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Thu, 05 Dec 2024 20:20:39 GMT
c.gif
www.bing.com/aes/ Frame 6F78
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H3
Server
2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 19F4181BC0044809A4533379ACA70628 Ref B: FRA31EDGE0506 Ref C: 2023-12-06T20:20:39Z
x-cdn-traceid
0.9fa12417.1701894039.4716e0a
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Wed, 06 Dec 2023 20:20:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 25FDEF4FCDFE4D6994BC8CD4D2F3FDD5 Ref B: FRAEDGE1109 Ref C: 2023-12-06T20:20:39Z
x-cdn-traceid
0.9fa12417.1701894039.4716d3b
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=af09e6b5732e40fca3bf4aa3ceecb3a4&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
quic-version
0x00000001
th
www.bing.com/ Frame 6F78
39 KB
39 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.7215963591658_1K9DTJQHCYXPMOZ3CK&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=379&h=198&qlt=90
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3903e30e4e29b5a1bad20db538aa5d27f7e82bf3e374cc398f68ed182bc3a420

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:39 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.9fa12417.1701894039.4716d3c
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
39665
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
async_usersync.html
acdn.adnxs.com/dmp/ Frame A560
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-80-182.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.footem.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 06 Dec 2023 20:20:39 GMT
ETag
"623de86a-cf34"
Expires
Thu, 07 Dec 2023 20:20:41 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
rd_log
fra1-ib.adnxs.com/ Frame 6F78
0
648 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QLmBPBMZgIAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPD1MQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAzOjFiMjA6YjpmMDExOjoxZagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AS6Ad3QiAUBmAUAoAXhmpiU-bHAtwGqBQ8xMzI3NzgyZTQxZmZiNDnABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALgGAMEGCSQs8D_QBsKNBNoGFgoQCRIZAQGdYOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0VZQEmCNoHBgFe8GwYAOAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=438fdfe5613e0e33103eb0ba1531c6d34a04284d&bdref=https%3A%2F%2Fwww.footem.site%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.footem.site%2F,https%3A%2F%2Fwww.footem.site%2F&
Requested by
Host: www.footem.site
URL: https://www.footem.site/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:39 GMT
an-x-request-uuid
555f86ad-07b1-4a23-ad42-ed1eea440148
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 6F78
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e141c4510eb15b88c7385ca11033c3894f64af128ce03e19f09fe73048ccbbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
vevent
fra1-ib.adnxs.com/ Frame 6F78
0
664 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QKeCPBMHgQAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPCfMQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDrwMKxQJodHRwczovLwEu8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lZWY1NTJjMS0wZWQzLTRlMmYtYjllMS0zZThlMjVkYmI1Y2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZY5xALhydHlwZT1udXJsJnRhZ0lkPTI4MjE2MTE4JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9EgBX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyMjE2MDYzMTY3NDUxMTc3NzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMzoxYjIwOmI6ZjAxMTo6MWWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgGIBQGYBQCgBeGamJT5scC3AaoFDzEzMjc3ODJlNDFmZmI0OcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBc6bAfoFBAgAEACQBgCYBgC4BgDBBgAAAAABMSTQBsKNBNoGFgoQDTYVAQGdZOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0JEScBJgzaBwYIBQnwcuAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=29a5e21d0acd3c446217cfa3c939d3d6f78ee4a7&type=nv&nvt=5&jm=1003&px=315&py=98&bw=478&bh=250&sid=5396984631589268736&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28216118&sw=1600&sh=1200&pw=1600&ph=2442&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:39 GMT
an-x-request-uuid
dd359788-45f4-4b5e-96fc-44eee3a817e8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.footem.site
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A560
0
596 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11179&pub_id=2238743&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:39 GMT
an-x-request-uuid
5bc1d4f1-13f8-488b-bec8-2ab1e0c887d0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6F78
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDVb90W6AMWx3MnvsYtJBb-m7b4Z7Zx1MiF0aD_2flWWn9OKy1YfFicdfRYtA26-LahB0bQR1UfPoXjrfYWmyvjtVWxGnbbszjyXBPePjrPO-mpXmvvTaAynq3QhzKPOSiMGmElmcDbjZBgdhBNGiT95llOTmHVe4whFqhpmZukP6LqXm1WuYC2-2er403PReeMMge_q77vK4piuVPr-b61PaoKUUOlAnDiCxerylxLDMxoTmSaoCCsAUM89suaglOLnAEVN3QtTMDDzSFBYcukLXDGKytCHtJsbfLZ-U4aQyHcNb1sKDNU5yaBNWbDpxct9V3WdHqP4824b7BmyhhC_zyKhL9jYmfxDzBlvma&sai=AMfl-YTKsux5D46q1pxhxYLAQUW9Nyux8X3pvGMpcAW7pegbDg908RvewVG-Vn2yEsTElBJnHcoQhnxPFvxvmMSR-6Y39YYOfsZCJ9LRVwo0HJU1jKnAtDieZLKXZwsdXxVJE1YfIJ21a64Q&sig=Cg0ArKJSzEoUFUKo-ZCOEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:20:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Dec 2023 20:20:39 GMT
usync.html
eus.rubiconproject.com/ Frame F809
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.footem.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Dec 2023 20:20:40 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A621
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-80-182.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.footem.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 06 Dec 2023 20:20:40 GMT
ETag
"623de86a-cf34"
Expires
Thu, 07 Dec 2023 20:20:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
async_usersync
ib.adnxs.com/ Frame A621
0
596 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:40 GMT
an-x-request-uuid
620bb225-ec1c-471d-8156-47d155f3632f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame F809
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ba53c1dbf53755d9f05c72f6864e4d08c09d00e346969f2407eaf6150a4fdbd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 20:20:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Dec 2023 12:56:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59766
Connection
keep-alive
Content-Length
13236
Expires
Thu, 07 Dec 2023 12:56:46 GMT
khaos.json
token.rubiconproject.com/ Frame F809
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0c26bf0e0878be6b26493f33577d6373
Expires
0
c.gif
www.bing.com/aes/ Frame 6F78
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=af09e6b5732e40fca3bf4aa3ceecb3a4&tids=15000&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=af09e6b5732e40fca3bf4aa3ceecb3a4&tids=15000&med=10
Protocol
H3
Server
2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3BCE3D63586244189170CEB896B20B51 Ref B: FRAEDGE1917 Ref C: 2023-12-06T20:20:40Z
x-cdn-traceid
0.9fa12417.1701894040.4717989
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Wed, 06 Dec 2023 20:20:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C7A9D19419FC4A0EB4C126E692DB8CDF Ref B: FRAEDGE1406 Ref C: 2023-12-06T20:20:40Z
x-cdn-traceid
0.9fa12417.1701894040.47178c2
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=af09e6b5732e40fca3bf4aa3ceecb3a4&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
vevent
fra1-ib.adnxs.com/ Frame 6F78
0
664 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QKeCPBMHgQAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPCfMQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDrwMKxQJodHRwczovLwEu8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lZWY1NTJjMS0wZWQzLTRlMmYtYjllMS0zZThlMjVkYmI1Y2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZY5xALhydHlwZT1udXJsJnRhZ0lkPTI4MjE2MTE4JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9EgBX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyMjE2MDYzMTY3NDUxMTc3NzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMzoxYjIwOmI6ZjAxMTo6MWWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgGIBQGYBQCgBeGamJT5scC3AaoFDzEzMjc3ODJlNDFmZmI0OcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBc6bAfoFBAgAEACQBgCYBgC4BgDBBgAAAAABMSTQBsKNBNoGFgoQDTYVAQGdZOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0JEScBJgzaBwYIBQnwcuAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=29a5e21d0acd3c446217cfa3c939d3d6f78ee4a7&type=pv&jm=1003&px=315&py=98&bw=478&bh=250&sf=1&sid=5396984631589268736&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28216118&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:40 GMT
an-x-request-uuid
e099d69e-a5ff-406e-b5d7-5e048eae9288
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.footem.site
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.212; 193.32.248.212; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A560
0
596 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11179&pub_id=2238743&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11179&pub_id=2238743
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:40 GMT
an-x-request-uuid
26c475cf-fc54-43f1-be28-498646aea878
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6F78
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNnBdGCXoStRCwnTS7BG7ZO2TqV3P3eKSZA-6lxM2YOgY79DMd2hPXfAu_wMQxGMmhnoRH514VJk122R6fotjQwgwEOHvl36PFWD1en6uQ0r3wNB-C7q_WNXD_f4IKc0lwek_6mC0uLw&sai=AMfl-YSkhLwgnPJvECKavZ1dOWsPvdZgeVV_hlQM098G1xVRCjvG9Ig&sig=Cg0ArKJSzAsoweUBCxdkEAE&id=lidar2&mcvt=1000&p=98,315,348,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3152758767&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701894039052&rpt=185&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.footem.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A621
0
596 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 20:20:41 GMT
an-x-request-uuid
b47e0b81-f20d-48d3-9372-db9a77c6af89
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
193.32.248.212; 193.32.248.212; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.bing.com
URL
https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=79895868-b1e4-4df1-8d75-c823fa6c2a65&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=eef552c1-0ed3-4e2f-b9e1-3e8e25dbb5cd&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Daf09e6b5732e40fca3bf4aa3ceecb3a4%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=28216118&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=4221606316745117774
Domain
fra1-ib.adnxs.com
URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.footem.site%2F&e=wqT_3QKeCPBMHgQAAAMA1gAFAQiUr8OrBhDOoI3Zv5KKyzoY_unV8fffxrR7KjYJAAAATOOl2z8RAAAAVf5D2j8ZAAAAgOtRCkAhAAAAVf5D2j8pAAAJJPCfMQAAACCF69E_MLaWug04q1dAtV5I4wNQuomKtgFYj6-jAWAAaOKaxwF419kFgAEBigEDVVNEkgEDU0VLmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAsTIVeoCGGh0dHBzOi8vd3d3LmZvb3RlbS5zaXRlL4ADAIgDAZADAJgDFKADAaoDrwMKxQJodHRwczovLwEu8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lZWY1NTJjMS0wZWQzLTRlMmYtYjllMS0zZThlMjVkYmI1Y2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AZY5xALhydHlwZT1udXJsJnRhZ0lkPTI4MjE2MTE4JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9EgBX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyMjE2MDYzMTY3NDUxMTc3NzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTFNakE1TmpBek56QWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMzoxYjIwOmI6ZjAxMTo6MWWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgGIBQGYBQCgBeGamJT5scC3AaoFDzEzMjc3ODJlNDFmZmI0OcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBc6bAfoFBAgAEACQBgCYBgC4BgDBBgAAAAABMSTQBsKNBNoGFgoQDTYVAQGdZOAGAfIGAggAgAcBiAcAoAcByAfX2QXSBw0JEScBJgzaBwYIBQnwcuAHAOoHAggA8AebS4oIRwpDAAABjEDKGiA6liiT-yNQTkpccldUfKTviWbRVom1NvhbhPMOdDfq3BSJMWLCGUR6ADSn4LN6fZNg-FiuaayMd6GhCBABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=29a5e21d0acd3c446217cfa3c939d3d6f78ee4a7&type=nv&nvt=15&jm=1003&px=315&py=98&bw=478&bh=250&sf=1&sid=5396984631589268736&vd=ct~0|rr~319|dm~90&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28216118&pd=1&d=0.99&id=0&ic=0&d0=1&d25=1&d50=1&d75=1&d100=1&ft=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJOmgLxa2kDSMo75vr8XhdLs8S7H6pZhOVnPbLkhk4yyvZglDSq1qhplv4PX003FxJlxvnE6s63INsiCCYwzYgX61pkc2ugDraOcfztWIL1X9JbOur-34hVw4n-IvfkJ_Gp6iU7Qve0g&sai=AMfl-YR8My01JKFOhanvecU9E4AEZ07F3d-jMCZRUAb-Gip_OOpvoYA&sig=Cg0ArKJSzL3rG92Gy6e_EAE&id=lidartos&mcvt=807&p=98,315,348,1285&mtos=807,807,807,807,807&tos=807,0,0,0,0&v=20231204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3152758767&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1701894037776&rpt=452&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture string| noThumbnail object| monthNames string| dateFormat boolean| fixedMenu boolean| fixedSidebar string| fbCommentsTheme boolean| darkMode boolean| userDarkMode function| gtag object| dataLayer object| adsbygoogle object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| exportify function| $ function| jQuery function| Cookies function| shortCodeIfy function| msgError function| beforeLoader function| getFeedUrl function| getPostLink function| getPostTitle function| MM function| getPostTag function| getPostDate function| getPostMeta function| getPostImage function| getPostImageType function| getAjax function| disqusComments function| beautiAvatar undefined| getFirstImage undefined| getPostComments undefined| ajaxMega undefined| ajaxTrending undefined| ajaxWidget undefined| ajaxRelated function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ string| holid_version number| PREBID_TIMEOUT number| holidSiteId object| adUnits_holid object| bannerWidescreen object| bannerCube object| bannerTower object| bannerMobile object| bannerTablet object| bannerCustom object| bannerNative string| type undefined| len object| adUnits_holid_org object| holid_div_ids object| adUnits_inUse object| bannerOverride undefined| refresh_interval number| refresh_num number| holid_refresh_max boolean| refresh_height undefined| interval number| interval_check_time_in_view undefined| interval_init object| slots number| holid_interval_find_empty_divs number| holid_interval_timer number| holid_interval_timer_reuse number| holid_time_minimum_time_in_view number| holid_time_extra_for_refreshed_banners number| holid_time_check number| holid_time_minimum_before_refresh number| holid_interval_counter number| holid_time_max_before_refreshed_banners_in_view object| div_ads object| acceptedFormats number| windowWidth function| isVisible function| isElementInViewport function| addElement function| holid_find_empty_divs object| pbjs object| customConfigObject object| googletag function| destroy_slots function| getParentClassName function| return_found_adUnits function| sendAdserverRequest function| holid_check_time_in_view function| holid_show_ads function| holid_check_for_new_ad_divs function| holid_refresh_current_ads function| holid_init function| waitForStart boolean| acceptedFormat function| moment object| cookieChoices number| timer_givenDate32 number| timer_givenDate99 number| timer_givenDate31 object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| pbjsChunk object| _pbjsGlobals string| GoogleAnalyticsObject function| ga object| recaptcha object| ggeac object| google_js_reporting_queue object| gaplugins object| gaData undefined| google_measure_js_timing object| slot number| google_unique_id object| GoogleGcLKhOms number| lnt_z object| google_image_requests number| index

12 Cookies

Domain/Path Name / Value
.footem.site/ Name: _ga_5CJ36TGWSE
Value: GS1.1.1701894036.1.0.1701894036.0.0.0
www.footem.site/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rubiconproject.com/ Name: khaos
Value: LPU7RN9M-K-HSXR
.rubiconproject.com/ Name: audit
Value: 1|yQuirGeEF6CM1d8S00ygfAmOsfVVM1TCDevM3UyPj6hcRpQe2lzShnWuG0Y5IK8A0NzdagfBJYamxlq7HjZXGsxuhZpbWKLtZ+b0k0jZ7MO+xUA9sgf/4eNEKcfJxgEB
.footem.site/ Name: _ga
Value: GA1.2.1029087753.1701894037
.footem.site/ Name: _gid
Value: GA1.2.955293613.1701894037
.footem.site/ Name: _gat_gtag_UA_188931075_1
Value: 1
.footem.site/ Name: __gads
Value: ID=6d48829676ccbf32:T=1701894037:RT=1701894037:S=ALNI_MamEoSP48jcjr7rLRCpzfbRBuBRfQ
.footem.site/ Name: __gpi
Value: UID=00000d0c926dcea1:T=1701894037:RT=1701894037:S=ALNI_Mb9IJPmzYQs97sEXMHed9IMBTZBMQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnuX--f1ntwa6dszPwQOKcsmF0_rGBxp_bmUwIba-TPg9SSaYlNyZ_gZ_x9M4I
.bing.com/ Name: MUID
Value: 070BECF7BE3469BF0271FF28BF9E6893
.adnxs.com/ Name: uuid2
Value: 7414157351760624962

3 Console Messages

Source Level URL
Text
network error URL: https://rawcdn.githack.com/insnesia/INSSA/e779e059a072e368d201c5f602c9f0543549ac13/ins-devtool.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.footem.site/
Message:
Refused to execute script from 'https://rawcdn.githack.com/insnesia/INSSA/e779e059a072e368d201c5f602c9f0543549ac13/ins-devtool.js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network error URL: https://hzr0dm28m17c.com/1be28071cb8484a1053cd220bc9652dd/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.holid.io
adsdk.microsoft.com
adx.adform.net
blogger.googleusercontent.com
cdn.adnxs.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
e072cf693e7e6711f3535b47d8ecb864.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
fra1-ib.adnxs.com
helloworld.holid.io
hzr0dm28m17c.com
ib.adnxs.com
images.fotmob.com
pagead2.googlesyndication.com
raw.githack.com
rawcdn.githack.com
region1.google-analytics.com
securepubads.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
www.bing.com
www.blogger.com
www.footem.site
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
fra1-ib.adnxs.com
pagead2.googlesyndication.com
www.bing.com
13.32.27.56
185.89.210.46
192.243.59.20
2001:4860:4802:34::36
23.38.80.182
2602:803:c003:200::51
2606:4700:3038::6815:eae7
2606:4700::6810:5914
2606:4700::6811:180e
2606:4700:e6::ac40:c723
2620:1ec:46::45
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2009
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::2013
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a02:26f0:3500:1b::1724:a39f
37.157.2.230
37.252.171.85
69.173.144.138
88.221.125.233
00ba1abfe8d84fa5d0a7e86aaf9bbaa3b8c10fdbc4c86cfe9ff83b3cae2e779d
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07d6b66be54519cbc6486ba1311a95c9d497862fdc6c32077672cc9e00476b71
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0c9beb824465464ef88906b6f8a67d13f8ccca388e30a7c219be65a12dc7cd64
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10b3cf36771fc6dab4d3f9f3841220c6330c5791ca7ad69ac099ab59e08ca251
11e4b55a73394ccdfc27b933cf3a25570c689a214ee08953ef27932426759c35
21afa7199d559d4dfd75da10d23a37752ed1c2636718c556a133dc13ba88fdbc
38d944d88c98612f76ed693afb143f1c032ca27ba56ec46a6714ab3dc511f974
3903e30e4e29b5a1bad20db538aa5d27f7e82bf3e374cc398f68ed182bc3a420
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ea0f1ce6a865641c11d2b18aea950a437f62d74ad8edf80411288ae0225753
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b86e7252b46cb9383680ff576426c8e41f4fb3eb4b2851da8f3706af6ee9291
4bf2581a1797321eb95ae5dc00473465fa58e94704ba44b5c64d2ad368c801a4
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cc5c753fac681d45b9ef305197694b57e3690d5257f2576274fdbd45f96cbc
5e141c4510eb15b88c7385ca11033c3894f64af128ce03e19f09fe73048ccbbd
5f2ff871cd7f284064ca188d22dd0b8f2abb173b4f3cb03a7487d23717273021
602226218e1378b2c21234dc86949e30b0883ede3e811149a09e71e833e2ce63
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64687be0ebc03d225dc33d8fd78be938f3b511f4c9dc3bb5a615caa407d5bc2c
6553b434beef8faafed3e14142ba5a1c7b63c85b5c06e4f3ad61951a72380d7d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c930671e4ab37e34399dc4be981158bb8d3957e8c82ecefaf8f71a6197db142
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
7708bde88a4a5c13edd6d3e7c28dcee7a381afc0af223ffb1636e163c353dfe9
78d7bb0b5371e973a752330ab8b3e10e1b79375a4cf0e4053ebb201cd6d3dd17
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7abe1967de5628b96bc9df106f355be05f00bd96f7efdc910594db25d33fda9c
7aeb5df6c1ba0e44674657f1399139bb0ab0737376d10c7b4b60b4fa2a0dd109
7bbb9988b5f64e410f01c03fda12858dd273ba0166da2dbb098b0ca4deb8e30a
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
84f026f169adc5bf989d9c57e5c5701cc54eee22bc6f3ea86e0a48dff9c48616
8d851ea913ba751ce5ca5bd6b03f24e84bb33a9568dbe869d602209416c5dd34
8df31a9361cb7369eeb0cb75fc04718cc6050501fcaa3c7d7a6c9d26630d20e5
8fb036da25b891ee8717d39d7be59e460dccda4d2ba1a486a4ad3022049fd075
94db59ade1e62ecba474c27e19e433ea369a8c24d5c009927c99b8d93c3c3026
9f9f2c00132b24e86fdec5c58bb34b5e48cbe7c01ddc17a52ebea09cf6e8b339
a12e9d389d759c1c5da338104b603b194a42dde9d8ac75276e72562c8308c19a
a2d326e9197c15cee2342aa84195132add35fc836b3750442039a331e110f2c0
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
b1e79529cab34e8a3c245f8bbd1b767c5ba3e54dd8a342e6b255c1c2df79b6ca
b82dcbd69f814c8ef68ea4aae948779ae3bc124ed3a51f3d461b25d7e881edf6
b969a50f6ad6748da873ca5e57d773cfb7b8b305d3019000f9283f689c7ae4bd
ba53c1dbf53755d9f05c72f6864e4d08c09d00e346969f2407eaf6150a4fdbd6
be5014997cfd0c5933ce9cba77979fc3fc9fd941fd14de7759def6ccadcedf24
bf503d1736fc5a303e19bf9e5e2585aec8056cf8ca9a7d3604ef78fa2ae408aa
c4286b5a1606b8f76c136f69043974148e12d6e80d3a1f1178a54c6ab67b7b07
c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e
d2a2c75062cf6b49b32001aa572899e204b466a6517dee7b41a9e11e90a03b37
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06d4453396f60e0be643140640f8a0e47ad7ff473e9a8a95038abbdfef16d2a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c