www.footem.site Open in urlscan Pro
2a00:1450:4001:831::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.footem.site/
Effective URL:
https://www.footem.site/
Submission: On October 28 via api (October 28th 2023, 1:31:44 pm UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 16 domains to perform 64 HTTP transactions. The main IP is 2a00:1450:4001:831::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.footem.site.
TLS certificate: Issued by GTS CA 1D4 on October 13th 2023. Valid for: 3 months.

This is the only time www.footem.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2a00:1450:400... 2a00:1450:4001:831::2013	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3037::ac43:b509	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3038::6815:eae6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	18.244.28.6 18.244.28.6	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2009	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
3	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
64	22

3 2a00:1450:4001:831::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.footem.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3037::ac43:b509 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.holid.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
helloworld.holid.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:eae6 (United States)

ASN13335 (CLOUDFLARENET, US)

rawcdn.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
raw.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.244.28.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-28-6.cdg52.r.cloudfront.net

images.fotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b177186d4ec9d97448b63b3123bee989.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	fotmob.com images.fotmob.com — Cisco Umbrella Rank: 22302	126 KB
8	googlesyndication.com b177186d4ec9d97448b63b3123bee989.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	42 KB
6	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	14 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	214 KB
5	holid.io ads.holid.io — Cisco Umbrella Rank: 302356 helloworld.holid.io — Cisco Umbrella Rank: 481932	125 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 246 acdn.adnxs.com — Cisco Umbrella Rank: 609	20 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	171 KB
3	githack.com rawcdn.githack.com — Cisco Umbrella Rank: 83057 raw.githack.com — Cisco Umbrella Rank: 67656	30 KB
3	footem.site 1 redirects www.footem.site	47 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 4418	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12682	10 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	gstatic.com fonts.gstatic.com	36 KB
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 10409	57 KB
64	16

	Domain	Requested by
16	images.fotmob.com	www.footem.site
6	cdnjs.cloudflare.com	www.footem.site
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	helloworld.holid.io	ads.holid.io
3	fastlane.rubiconproject.com	ads.holid.io
3	ib.adnxs.com	ads.holid.io acdn.adnxs.com
3	securepubads.g.doubleclick.net	ads.holid.io securepubads.g.doubleclick.net
3	www.footem.site	1 redirects www.footem.site
2	eus.rubiconproject.com	ads.holid.io eus.rubiconproject.com
2	adx.adform.net	ads.holid.io
2	cdn.jsdelivr.net	ads.holid.io securepubads.g.doubleclick.net
2	www.google-analytics.com	www.footem.site www.google-analytics.com
2	raw.githack.com	www.footem.site
2	blogger.googleusercontent.com	www.footem.site
2	ads.holid.io	www.footem.site ads.holid.io
1	token.rubiconproject.com	eus.rubiconproject.com
1	acdn.adnxs.com	ads.holid.io
1	www.google.com	tpc.googlesyndication.com
1	b177186d4ec9d97448b63b3123bee989.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.gstatic.com	www.footem.site
1	www.blogger.com	www.footem.site
1	rawcdn.githack.com	www.footem.site
64	23

This site contains links to these domains. Also see Links.

Domain
lnk.bio
www.whatsapp.com
footem-wt.blogspot.com
www.cricem.com
us.hashsecure.tech
us.footem.in
news.google.com
facebook.com
www.twitter.com
www.instagram.com
footemxtra.com
www.blogger.com

Subject Issuer	Validity	Valid
www.footem.site GTS CA 1D4	`2023-10-13` - `2024-01-11`	3 months	crt.sh
holid.io GTS CA 1P5	`2023-10-05` - `2024-01-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
githack.com GTS CA 1P5	`2023-09-05` - `2023-12-04`	3 months	crt.sh
*.fotmob.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-08`	a year	crt.sh
*.blogger.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.footem.site/
Frame ID: 8CBDB8DF021EF9CF5B4783919C57BAFC
Requests: 53 HTTP requests in this frame

Frame: https://b177186d4ec9d97448b63b3123bee989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F37ECE59D62BF45C303C913E7FEBEE32
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0EB135E6EF777C99592D5D798ADC85B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 249E439E2D94B12872F52D0070EEBC14
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B10830DA949F7AD990FE6A30C9C2A00D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DCA1243700DB8FDF4C532870D3B74095
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FootEM | Football In Every MinuteFootEM | Football In Every Minute

Page URL History Show full URLs

http://www.footem.site/ HTTP 301
https://www.footem.site/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

64
Requests

100 %
HTTPS

71 %
IPv6

16
Domains

23
Subdomains

22
IPs

4
Countries

918 kB
Transfer

2162 kB
Size

11
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://lnk.bio/footem
Title: Join Us

Search URL Search Domain Scan URL

URL: https://www.whatsapp.com/channel/0029Va5CwglCRs1jRlhkhF3x
Title: Join WhatsApp Channel

Search URL Search Domain Scan URL

URL: https://footem-wt.blogspot.com/
Title: Join WhatsApp Group

Search URL Search Domain Scan URL

URL: https://www.cricem.com/
Title: New Zealand10:30 AMLIVE NOW AustraliaICC Cricket World CupCRICEM CRICKET

Search URL Search Domain Scan URL

URL: https://us.hashsecure.tech/2023/10/chelsea-brentford.html
Title: Brentford5:00 PM00:00:00ChelseaRound 10FOOTEM Premier League

Search URL Search Domain Scan URL

URL: https://us.hashsecure.tech/2023/10/arsenal-vs-sheffield.html
Title: Sheff Ufd7:30 PM00:28:17ArsenalRound 10FOOTEM Premier League

Search URL Search Domain Scan URL

URL: https://us.footem.in/2023/10/barclona-real-madrid-elclassico.html
Title: Real Madrid7:45 PM00:43:17BarcelonaRound 10FOOTEM LaLiga-elcasico

Search URL Search Domain Scan URL

URL: https://us.footem.in/2023/10/al-fayha-vs-al-nassr.html
Title: Al Nassr8:30 PM01:28:17Al FayhaRound 10FOOTEM Saudi Pro League

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMIKyzQswss3kAw

Search URL Search Domain Scan URL

URL: https://facebook.com/footemofficial/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/footemoff

Search URL Search Domain Scan URL

URL: https://www.instagram.com/footemxtra

Search URL Search Domain Scan URL

URL: https://footemxtra.com/
Title: Powered by Footem Media Network

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.footem.site/ HTTP 301
https://www.footem.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.footem.site/
Redirect Chain

http://www.footem.site/
https://www.footem.site/

202 KB
44 KB

212ms
187ms

Document
text/html

2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6641f3ed7966108f950fcbdb2f5ce8f7fdb54ef24fb0bd4c19258b49aa493830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 44654
content-type: text/html; charset=UTF-8
date: Sat, 28 Oct 2023 13:31:39 GMT
etag: W/"25a3d9477d921bb9d9be46d4e167af28eb43cbdaf9258517809b21d381b4c180"
expires: Sat, 28 Oct 2023 13:31:39 GMT
last-modified: Fri, 27 Oct 2023 22:54:14 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 172
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Sat, 28 Oct 2023 13:31:39 GMT
Expires: Sat, 28 Oct 2023 13:31:39 GMT
Location: https://www.footem.site/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 holid.js Show response
ads.holid.io/auto/footem.site/ 35 KB
5 KB 68ms
20ms Script
application/javascript 2606:4700:3037::ac43:b509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.holid.io/auto/footem.site/holid.js
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf2581a1797321eb95ae5dc00473465fa58e94704ba44b5c64d2ad368c801a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5471
cf-polished: origSize=78392
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Oct 2023 12:01:03 GMT
server: cloudflare
etag: W/"652d25ff-13238"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvTYM%2B5nD1qVOJDOeTyLETaV11YBrX0gbN%2BbRyebrCjdhLhTSTUursk6TM5o0zIrTycOUURinu1WNzFiD0yqDmf2VmEQcQDB16rYHxZTw0zNPyJfb5nmLgnnlnyYSCfrUxxvxeidJc9GmjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 81d38a54cf702c39-FRA

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 35ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6511632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5634
last-modified: Thu, 22 Jun 2023 11:02:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3a-1602"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10ElS%2FRIl2RfRyO9EBf%2BQ48yVmP98cgegUjdA49%2BW825mDiSBmvqV%2FtmmQdh%2BbQfEwovkUZsTEnbnfjyUq3H%2BJJ5jxcjrVVb0cF1nNSeFcGpogTWifGEcZw6m4I5szz%2Ft%2FEWsbkZCon47xl6H5L2Piu9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81d38a549a2735f8-FRA
expires: Thu, 17 Oct 2024 13:31:39 GMT

GET
H2 200 fontawesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 57 KB
10 KB 36ms
18ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/fontawesome.min.css

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 11892336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10256
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e238"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLBxrSVncyHqnwVDcyuXEdeA4Ulr78nmiahwFMcfGx6OgtTJE156r7PzicXFPEZbF2SdoljOX4sKu3vmtNZ5RTe943hsYPtVrNsgYnsjhIcq4cfYz9moBzRY8IVgBMM6vPydFQFkrTqHN%2B3th%2FEYm75H"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81d38a549a2b35f8-FRA
expires: Thu, 17 Oct 2024 13:31:39 GMT

GET
H2 200 AVvXsEjFnchNph1LwH922yXiuXv8LEqyL_LTdUoE5sHnFlxsDFJU-fYuypV3RPEVfvV6uJNruRG1_639moP3LWjg43iUnFy5-fTCr-xrXpugYpNv3IsNUpEZ5ZnfgGyaL2Cw91IcXpSHFOpmPI0czETe2D-ARHW9uYhrwuwd8HMjjDSWtvce5R9_P2lot-jzXw=s176
blogger.googleusercontent.com/img/a/ 4 KB
5 KB 208ms
185ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjFnchNph1LwH922yXiuXv8LEqyL_LTdUoE5sHnFlxsDFJU-fYuypV3RPEVfvV6uJNruRG1_639moP3LWjg43iUnFy5-fTCr-xrXpugYpNv3IsNUpEZ5ZnfgGyaL2Cw91IcXpSHFOpmPI0czETe2D-ARHW9uYhrwuwd8HMjjDSWtvce5R9_P2lot-jzXw=s176

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

64687be0ebc03d225dc33d8fd78be938f3b511f4c9dc3bb5a615caa407d5bc2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v838"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Footem-2.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4374
x-xss-protection: 0
expires: Sun, 29 Oct 2023 13:31:39 GMT

GET
H2 200 ins-devtool.js Show response
rawcdn.githack.com/insnesia/INSSA/e779e059a072e368d201c5f602c9f0543549ac13/ 11 KB
5 KB 52ms
24ms Script
application/javascript 2606:4700:3038::6815:eae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/insnesia/INSSA/e779e059a072e368d201c5f602c9f0543549ac13/ins-devtool.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a53ae8d9a3a099bb2cc967237d2a4c4bab22b976b6ffa59ebaa7d2e8272ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-fastly-request-id: fd99d5f0867d482d434536364acbaf7cba7be317
date: Sat, 28 Oct 2023 13:31:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2329844
content-encoding: br
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
x-served-by: cache-hel1410030-HEL
server: cloudflare
x-github-request-id: FFC6:DD5F:B658A9:C33D0C:638EFA21
x-timer: S1670314530.921447,VS0,VE207
etag: W/"0fbd63ca7a87fc839816d79442906718268c5d5e52f9a3a00ff77385695443c7"
source-age: 0
vary: Authorization,Accept-Encoding,Origin
x-githack-cache-status: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnZvH53uAjae5m61p0vjLzRx293%2Bk8PKWnwD4HyRen2B4EZa%2BlCYZEN2rGSHZU55QWIy5DRex0UNPqYw8mk0VeKdaAoA3On5fj7Her%2FtluvJ967Z4QzT31MZLe%2F759cfJ7cttAJUjIuEVlaJRRHqGmU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public, immutable
x-robots-tag: none
cf-ray: 81d38a54cf869b40-FRA
expires: Wed, 06 Dec 2023 08:15:30 GMT

GET
H2 200 5820.png
images.fotmob.com/image_resources/logo/teamlogo/ 6 KB
7 KB 119ms
39ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/5820.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae573b6f992cf5000b2d4c9c439c487ec20268df27acce4b58ba13d1ebe3a457

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 21:10:10 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 12:17:47 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 577290
etag: "8f9a272febe63159f7bc2222fef4c246"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 6281
x-amz-cf-id: _7rnqQWciIZNtZJH-GFZa7vuasermvnNdO6PmhGf6-vXcyzvfXmxDg==

GET
H2 200 6716.png
images.fotmob.com/image_resources/logo/teamlogo/ 4 KB
5 KB 121ms
42ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/6716.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74e5c1d91046c801d4053a649c9daa4b186e6c617981c9e9f04d92d0c3a13d07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 15:31:14 GMT
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Wed, 23 Aug 2023 10:08:54 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 597626
etag: "f8d39d902dee813e5739110fe5677b60"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: must-revalidate, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4345
x-amz-cf-id: LKhyhKhYliVnIdJ_WwQ0ckxDG1qSkSE4tfwkh0CpC2F7wim5xVsDTA==

GET
H2 200 95797.png
images.fotmob.com/image_resources/logo/teamlogo/ 4 KB
5 KB 120ms
41ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/95797.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aab0fab6ad0729167c52fb01c169df413c981d341b149aa490f1608c7b7434c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-cache-control: max-age=2592000
date: Sat, 21 Oct 2023 11:55:29 GMT
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 10:22:29 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 610571
etag: "6fd7ebd376447e63b45c9a34f891b9fa"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4584
x-amz-cf-id: QU0iUxzhsYhRfKLIt0ejbTzCqlh8sx_aK89KF1EnvCZnNpnEQ_AFmA==

GET
H2 200 6708.png
images.fotmob.com/image_resources/logo/teamlogo/ 3 KB
4 KB 119ms
40ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/6708.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3decf3353c4f957295d4645acd8be08b3cc4055f120f611c959391b1856a996d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 05:41:39 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 12:16:43 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 1842601
etag: "b1116fd0319edce872cbf617fd1d9638"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3452
x-amz-cf-id: hzjtIYsWbtplMcNBT29il0fEMjSqnv7zXKNawPsGqji6uLeFfXq87Q==

GET
H2 200 9937_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 10 KB
11 KB 102ms
23ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/9937_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 271bb7338cb0d130874514ca05043735c8a06248737d0c8df70dd4a1a729746f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-cache-control: max-age=2592000
date: Thu, 19 Oct 2023 13:09:42 GMT
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 10:30:43 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 778918
etag: "84d3e10e6d604e277d21612a20a139b2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 10687
x-amz-cf-id: KFPwSw2ZIBjqh9TuFwgrz29qmyKsSIqAtRaSyOBhCAtcqRdpvP_LeA==

GET
H2 200 8455_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 10 KB
10 KB 101ms
40ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/8455_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 680aa098b117ae7f76cd4f854d92649e6b2eca4d55d275a84a57f8f97f490f91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:34:30 GMT
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Sun, 30 Jul 2023 17:35:54 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 93430
x-amz-server-side-encryption: AES256
etag: "91e1cc46fa42f8096e6b37a05e61c90e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: must-revalidate, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 9855
x-amz-cf-id: isyl7IDnweU5mSKzeeyunVuI5xXb8ShU12L1GUoG1_lvclgDwNkNJg==

GET
H2 200 8262_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 10 KB
10 KB 25ms
22ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/8262_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5911676f9bd1992093fe1d410880a7cf89757c70c9c9fe1f6923c1d1d6ceef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 04:17:56 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 10:49:29 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 1070024
etag: "0b07b42e50c071a88ace23b1b2ca2937"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 10308
x-amz-cf-id: 22Q0GO8l9Xatdy7d-24o3LDgrYZ0DpqcjRykhToEgYT0UkoZn9QIfg==

GET
H2 200 9823_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 10 KB
11 KB 47ms
44ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/9823_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 992d7259464235385c39e64585ea31df653ba887caf3fcb7c5deaa9c5b99f009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-cache-control: max-age=2592000
date: Mon, 23 Oct 2023 06:39:34 GMT
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 10:23:51 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 456726
etag: "a6493bae3fa2a98b1f4c108997ea32dc"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 10677
x-amz-cf-id: Zmb3VoQ-lrU9Y7C4PXK8N_wBqIq67wRHQ28ty3HMOJBKfTV5Jrl8UA==

GET
H2 200 8657_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 8 KB
9 KB 36ms
33ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/8657_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1bff030fda2d82d61ff537a1e79fdfe13ea6702685fb8b957f1294fef0e1df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:47:26 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Fri, 09 Aug 2019 07:14:15 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 1521854
etag: "ab4d0a2f5e4d5d810510abefe92c3008"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8646
x-amz-cf-id: lR_ehBjOhecMZc8_ZAWhlXCCVb9BX64vnKgjD0eiYJqsv0d6sGMXNw==

GET
H2 200 9825_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 8 KB
9 KB 47ms
45ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/9825_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87efbc0fc1d805fe738e2fe2e7d7ffeb46255311b3df442e894c195afb2aea86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 22:51:36 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Fri, 21 Dec 2018 11:10:56 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 1089604
etag: "59292a301fb9f90fa2e031accb024cc6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8444
x-amz-cf-id: Bfsiq7SQQoSFCd80283owHVutbQ-IVsonxDYhaK_tCF9pYyvLdn7HA==

GET
H2 200 8633_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 7 KB
7 KB 25ms
22ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/8633_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22a06016dd2011033d42ea148f8d8b36347c24182cd35da1db30eb33c0bf4ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 07:03:29 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 04:31:15 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 1492091
etag: "2bf7da3fd0b36ebbd03003009cc4bbcf"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 6856
x-amz-cf-id: L0j-XTj2eKdc3L3hldK6g_erbRfjKFUmkDBMnzuIcU9vn7rlRk1ZEA==

GET
H2 200 8634_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 7 KB
7 KB 49ms
47ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/8634_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7580edcec68a30619b8a3ff408d6d3974be8da73098f3235d5065529d330db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:05:36 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 10:22:56 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 2456764
etag: "353cd20553b15fd4c770644b1254bc16"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 6925
x-amz-cf-id: LqIgcD6WrJAieBWNX96Gz2_qNqcq_rHfr1fxhYbjnHg4VZhMDOi5Ug==

GET
H2 200 101918_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 9 KB
9 KB 36ms
35ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/101918_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e912b43c052175543ef9fc1bab4ed57456d8f5e60d301129b9872136b425cc02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:28:38 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Mon, 14 Dec 2020 07:26:37 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 792182
etag: "f461899495191429a3ee32f7b912f858"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8861
x-amz-cf-id: RE_-pAtbTgqhBfMDiLQXY6U_z18ws0EQLsfgj71iPA1saxYjRWuONQ==

GET
H2 200 582749_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 7 KB
8 KB 45ms
44ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/582749_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80d029d3432f499f96fa52cd26fb05054983788ee1d0db7c01a97b6b86756c47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 00:57:46 GMT
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 13:56:50 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 909234
x-amz-server-side-encryption: AES256
etag: "f66fc083561846ed0a267ab822388d63"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: must-revalidate, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 7379
x-amz-cf-id: dGBG2nIyFkS-tkGBN5QIL8_bhG-YjAmNOK5eiC9qE99QLr7Pk3vjnw==

GET
H2 200 10261_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 10 KB
11 KB 46ms
45ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/10261_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f387c2c33c6f8d0d80b07b2c78e243254aa53308da9f063050e9416733e765a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:05:27 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 12:18:11 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 2456773
etag: "f0c86d81d162c10df907bf4109e92300"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 10579
x-amz-cf-id: JfuSSHWVqwRyh1rVOqe2XC-VU99AVheJ-qXcRCFHtAyD95KrlhDWRg==

GET
H2 200 8602_small.png
images.fotmob.com/image_resources/logo/teamlogo/ 5 KB
5 KB 46ms
45ms Image
image/png 18.244.28.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fotmob.com/image_resources/logo/teamlogo/8602_small.png
Requested by: Host: www.footem.site
URL: https://www.footem.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-6.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72235d84d9baa8eaca747b9cef50e1a4c75ac3bc20084886246a5d7c58ef7eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 05:17:26 GMT
x-amz-meta-cache-control: max-age=2592000
via: 1.1 a2c28a67ab9b1e3f87982cdc792b4200.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 13:33:48 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 980054
etag: "b3f00f22da35833cdae6818e349cca49"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4990
x-amz-cf-id: Rsnv-NMR-mKErxZFdCEwvRo2xM4GGa94HBqFPn5c57tdtp4PP4KCIw==

GET
H2 200 download%20(2).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhusedq1TM61VbTwKWxb3-gTCkRmY1N11fzs7mhgL_pGG6d5c-nW8KEghlDxUvbhaTHK-GtcUD8S_J7Cb1UNgkMyifaxxThekvG0GNCsucC0Rhgz_lh43_2fHKmc8LAMQQyxPr5361-2P_Dknnc... 5 KB
5 KB 211ms
205ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhusedq1TM61VbTwKWxb3-gTCkRmY1N11fzs7mhgL_pGG6d5c-nW8KEghlDxUvbhaTHK-GtcUD8S_J7Cb1UNgkMyifaxxThekvG0GNCsucC0Rhgz_lh43_2fHKmc8LAMQQyxPr5361-2P_Dknnc5FBVoZAW14xN8lhOUCKFwLjOkPuX-3gmjvQmPMNfTkf7/s320/download%20(2).png

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

56cc5c753fac681d45b9ef305197694b57e3690d5257f2576274fdbd45f96cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
x-content-type-options: nosniff
server: fife
etag: "vaad"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="download (2).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5100
x-xss-protection: 0
expires: Sun, 29 Oct 2023 13:31:39 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 18ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4347209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28007
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6d67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8TOBzAd5Xp9QruLN1h9ACMn6aNoDMuZ0nocxhBB25vV5L2RbJBE6BZOFxQYBD6UbDzIilyzVJBKdRhvomp5m87QJ2NrGGX0zwZ3ZRMcKcKgmu%2BTFbEDZPFR%2FtLuCUGZgq8QULWGdGPbZ0nqvPB4z317"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81d38a54ca6535f8-FRA
expires: Thu, 17 Oct 2024 13:31:39 GMT

GET
H2 200 mm1ten.js Show response
raw.githack.com/rzn076/asd/codes/ 50 KB
18 KB 42ms
22ms Script
application/javascript 2606:4700:3038::6815:eae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githack.com/rzn076/asd/codes/mm1ten.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d851ea913ba751ce5ca5bd6b03f24e84bb33a9568dbe869d602209416c5dd34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-fastly-request-id: a4a25cf36af2f757c1f8807f607da7c4fca9b4cb
date: Sat, 28 Oct 2023 13:31:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 207
content-encoding: br
x-cache: HIT
x-cache-hits: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-hel1410020-HEL
server: cloudflare
x-github-request-id: D218:74D3:30A8FF:325E33:653BE55C
x-timer: S1698428980.235116,VS0,VE173
etag: W/"6864cca62aaa0422c3d35a8f1c9ed3c740070f1e47581341f4ba4a6e976dfea6"
source-age: 0
vary: Authorization,Accept-Encoding,Origin
x-githack-cache-status: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuEx2YxFYirsuQrGMgQ3V0g1vt8n5obSlU0FpCAPyfpu3A%2BGleYNiT35hEZJltfhRETeJvIK6bvOYqm7EhqtqKxkj6Z3670Cf3cUQr130k8J0%2FZY7BZl64HW4ZmDgFiubLJReua4QaoJMHEA4f0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300, max-age=300, public
x-robots-tag: none
cf-ray: 81d38a54ffb39b40-FRA
expires: Sat, 28 Oct 2023 13:32:32 GMT

GET
H2 200 Footem12Timer.js Show response
raw.githack.com/rzn076/asd/codes/ 36 KB
7 KB 31ms
19ms Script
application/javascript 2606:4700:3038::6815:eae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githack.com/rzn076/asd/codes/Footem12Timer.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12e9d389d759c1c5da338104b603b194a42dde9d8ac75276e72562c8308c19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-fastly-request-id: 5e77c45f0d39a2c194a4a3f2a87b03474321abf2
date: Sat, 28 Oct 2023 13:31:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 207
content-encoding: br
x-cache: HIT
x-cache-hits: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-hel1410028-HEL
server: cloudflare
x-github-request-id: 90C2:0F62:1A6216D:1B8EA32:653CBD40
x-timer: S1698479743.236869,VS0,VE162
etag: W/"1ab5f1a622928b29d508e4f9c0b7b23120ebf4236d77c84333771805e4cd3d5d"
source-age: 0
vary: Authorization,Accept-Encoding,Origin
x-githack-cache-status: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1frmlMpjZlRcShG%2FG2eMpLmmir%2Bc7LEtSAmU2B0x%2BZ1dLua7D3GvOZzP4Z8wRB%2B2KPWhr8UzlV9L48OrIgKNwZA%2BhzG6SmeuzQkKXatZhkTKVd%2FpTpoyAoDB8Wo2H8NZ9AYrnzMlY53wzdI5BWo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300, max-age=300, public
x-robots-tag: none
cf-ray: 81d38a54ffb09b40-FRA
expires: Sat, 28 Oct 2023 13:32:44 GMT

GET
H2 200 cookienotice.js Show response
www.footem.site/js/ 6 KB
2 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.footem.site/js/cookienotice.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 28 Oct 2023 10:56:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 04 Nov 2023 13:31:39 GMT

GET
H2 200 4222370799-widgets.js Show response
www.blogger.com/static/v1/widgets/ 157 KB
57 KB 83ms
17ms Script
text/javascript 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/4222370799-widgets.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af227d76624335e290dc70aaef77227f4c63cb96588f9663bc59fd3c6f42cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 01:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57984
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 21:56:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 26 Oct 2024 01:58:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 28 Oct 2023 11:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6117
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 28 Oct 2023 13:49:42 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 13 KB
14 KB 46ms
37ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.footem.site/
Origin: https://www.footem.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 847442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13548
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-34ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5uFhHJyJxjCUUX%2BP4knnxag%2BP2dOt%2FjDz3giw5slpg11HNs1lE6I4hqOOOJXUfvJeuB3T3WIAyN3hhsrV4QcdPmvHoJeh%2BvutU4g42Hu2fGzOJNBoeQEJy%2FWUouMzDzi3ahgDCHTfnsJeGHpJI9q%2FF5"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81d38a54de711c07-FRA
expires: Thu, 17 Oct 2024 13:31:39 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v2/ 36 KB
36 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v2/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f2ff871cd7f284064ca188d22dd0b8f2abb173b4f3cb03a7487d23717273021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.footem.site/
Origin: https://www.footem.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 23:41:31 GMT
x-content-type-options: nosniff
age: 49808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36740
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:37:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 23:41:31 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 77 KB
77 KB 25ms
17ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.footem.site/
Origin: https://www.footem.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1358040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78460
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-1327c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4G40uI6QJQxPYPz6b0esUNKku%2BL9W%2BPuSmyHf7jjDSa1T%2B%2BUE6TlXto1YgV2PJXg0oteeAgrHPRH%2BEcYfolZWLLawYRwiaQp%2FHTvf4hM2QR1bYSMqActwrnZRAmgc4mj%2FXS%2B5tw0eTBG%2B0tgrSq4kobd"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81d38a54de701c07-FRA
expires: Thu, 17 Oct 2024 13:31:39 GMT

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 78 KB
79 KB 16ms
15ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: www.footem.site
URL: https://www.footem.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.footem.site/
Origin: https://www.footem.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4377693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80300
last-modified: Thu, 22 Jun 2023 11:02:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3b-139ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJsAqJQ3Zs72FDXvm9D22PUinGwwtSYzdptY06WQHcnXlxixCLybpBsW%2BlC9oaNfCit9RbBNc0%2B8mzPzYQwqKqFFVLsLxIXdrZbrExJIwc95LFqStUG6DREmCDjgjNTPqqXeZ%2F1wWw6aqKx%2B8L3mptuh"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81d38a550eab1c07-FRA
expires: Thu, 17 Oct 2024 13:31:39 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 14ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=203370907&t=pageview&_s=1&dl=https%3A%2F%2Fwww.footem.site%2F&ul=en-us&de=UTF-8&dt=FootEM%20%7C%20Football%20In%20Every%20Minute&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=294527413&gjid=1440491664&cid=142891821.1698499900&tid=UA-188931075-1&_gid=1228922194.1698499900&_r=1&_slc=1&z=791518411

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 13:31:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 128ms
104ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/auto/footem.site/holid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05cf9fa2b461313f282fc769494de08ac20917b3af2f5e2a952577884ac977b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29121
x-xss-protection: 0
server: cafe
etag: 985 / 19658 / m202310190101 / config-hash: 13942866851986637457
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 13:31:39 GMT

GET
H2 200 prebid8.5.0.1.js Show response
ads.holid.io/ 383 KB
119 KB 25ms
24ms Script
application/javascript 2606:4700:3037::ac43:b509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.holid.io/prebid8.5.0.1.js
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/auto/footem.site/holid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e79529cab34e8a3c245f8bbd1b767c5ba3e54dd8a342e6b255c1c2df79b6ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6143
cf-polished: origSize=392864
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Sep 2023 12:53:12 GMT
server: cloudflare
etag: W/"651425b8-5fea0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKU0jpiW6wHUs%2FFDsu5iNvg30QtKKhEV2NZtoMssk7%2BDYQEHdFb5N2Ivf3tpz7eVhR15pVdd6uC8r%2F3K8Lm%2F1d6e11u6hgGc6lI5t7X5YjEy%2BopPEUUC%2FmmyRpcald2JLQhediCRdv3hMZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 81d38a55b86c2c39-FRA

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 35ms
15ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7609de7faabb98dea0f3491e5177bb996889aaf6f95783402f16a31b44d5c593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34250
x-jsd-version: 1.0.1856
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230079-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"639-g7+9ydUD3nY6bwndYu4/TwgVUZk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X821mIagyoRtsXHsvzhnzWVC48SFNowQO6xmWCNXJpz1To6OtFjznTMjdcdS2auqTnY%2FcA7NfDFBhJErjBrQwl%2FEElN872zIU%2FjejWW%2B2DQNkujZtMAjyHUYB9YDRrSRFVnAdrMpUScx0F62zW0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81d38a563a75905e-FRA

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
531 B 164ms
67ms XHR
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 13:31:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 364 B
1 KB 120ms
88ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

21446e2240e48192f2bb32b33eb3e4b76c96fa1a68084fdd1b284dc20bd30195

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 13:31:39 GMT
an-x-request-uuid: 1485f868-5cd2-4f11-bca7-feca5c294593
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.footem.site
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 364
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 408 B
923 B 85ms
32ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=455578&zone_id=2672282&size_id=2&alt_size_ids=31%2C55%2C57%2C78%2C79%2C145&rp_schain=1.0,1!holid.io,6313,1,,,&eid_pubcid.org=9abe2ca7-8ed2-4626-bb77-2a10a9cd40af%5E1&rf=https%3A%2F%2Fwww.footem.site%2F&kw=Footem7%2Clivekoora%2Cfootemfootball%2Cfootballnews%2Cfootballlive%2Cepicsports%2Csportstrack%2Cyalla-live%2Cfootemsite%2Cfootball%2Csoccer%2Csportstracklive%2Cfootem%2Clivestreaming&tg_i.domain=footem.site&tg_i.page=https%3A%2F%2Fwww.footem.site%2F&tg_i.pbadslot=div-gpt-ad-3962781-2&tk_flint=pbjs_lite_v8.5.0&x_source.tid=c9497b34-4a28-4826-8491-db5b83373f6b&l_pb_bid_id=10aac1bb877c8b3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d7fe8918-f03a-496c-808e-580832383dc0&rp_maxbids=1&slots=1&rand=0.7242899435123114
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 28953006bc7c2921bfc60026325a7736247f756a4c991ac00bd4a78bfcf780c2

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 13:31:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 408 B
746 B 85ms
33ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=455578&zone_id=2672284&size_id=2&alt_size_ids=31%2C55%2C57%2C78%2C79%2C145&rp_schain=1.0,1!holid.io,6313,1,,,&eid_pubcid.org=9abe2ca7-8ed2-4626-bb77-2a10a9cd40af%5E1&rf=https%3A%2F%2Fwww.footem.site%2F&kw=Footem7%2Clivekoora%2Cfootemfootball%2Cfootballnews%2Cfootballlive%2Cepicsports%2Csportstrack%2Cyalla-live%2Cfootemsite%2Cfootball%2Csoccer%2Csportstracklive%2Cfootem%2Clivestreaming&tg_i.domain=footem.site&tg_i.page=https%3A%2F%2Fwww.footem.site%2F&tg_i.pbadslot=div-gpt-ad-3962781-3&tk_flint=pbjs_lite_v8.5.0&x_source.tid=c9497b34-4a28-4826-8491-db5b83373f6b&l_pb_bid_id=1144a3442841a8a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3a67b6d9-8682-4d37-9987-67cdb994e686&rp_maxbids=1&slots=1&rand=0.3914883999872445
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3b4813feb6ec8ee6bff58ead712307432844ce8e60502b6331530a3a886bedaf

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 13:31:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 409 B
747 B 86ms
34ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=455578&zone_id=2672300&size_id=2&alt_size_ids=31%2C55%2C57%2C78%2C79%2C145&rp_schain=1.0,1!holid.io,6313,1,,,&eid_pubcid.org=9abe2ca7-8ed2-4626-bb77-2a10a9cd40af%5E1&rf=https%3A%2F%2Fwww.footem.site%2F&kw=Footem7%2Clivekoora%2Cfootemfootball%2Cfootballnews%2Cfootballlive%2Cepicsports%2Csportstrack%2Cyalla-live%2Cfootemsite%2Cfootball%2Csoccer%2Csportstracklive%2Cfootem%2Clivestreaming&tg_i.domain=footem.site&tg_i.page=https%3A%2F%2Fwww.footem.site%2F&tg_i.pbadslot=div-gpt-ad-3962781-11&tk_flint=pbjs_lite_v8.5.0&x_source.tid=c9497b34-4a28-4826-8491-db5b83373f6b&l_pb_bid_id=12e79cd213fcb53&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=67a312ec-1f1f-4606-9381-a41b7b27a63a&rp_maxbids=1&slots=1&rand=0.1570749233467621
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3c5fbe09a63091037abdd6cb7dbbc04cb5d9884fa7683f614781ff2964fba47f

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 13:31:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 409
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
helloworld.holid.io/openrtb2/ 269 B
494 B 99ms
88ms XHR
application/json 2606:4700:3037::ac43:b509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helloworld.holid.io/openrtb2/auction
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1737eb77b6b58644bd04aab3ac2cb0ebe65b7c5a2d779b6aa3d76c22d84a2a0

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-prebid: pbs-go/unknown
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LE%2FaZeZ20c3Z3dsAHMOyMV%2BhoNh9dHjvO0l2uzAFYsBVFGqVLP3%2Bzz1zo%2B65aoQ6h73U9IwGyt6ioFmSkBbKefAPivzXkfBDY3Lnals%2BnDel2YuMY6YzZQveiRAamF30d%2B8zYYtg3Q5Oxt6Ct6P5sKQA"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 81d38a5649202c39-FRA
expires: 0

POST
H2 200 auction Show response
helloworld.holid.io/openrtb2/ 269 B
491 B 130ms
119ms XHR
application/json 2606:4700:3037::ac43:b509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helloworld.holid.io/openrtb2/auction
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d8e9764f5e9c8384ee950d892adcda9c0bf40218e1e49d85221b80b47dc9309

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-prebid: pbs-go/unknown
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51sYPQl2tAPKIt0SK%2FY29AmTrN2NbYVhitbXzuL3gnZtvnZN4DVbf7LslCRXFTjJ8aWUyh50NP73PGLFENOzTBbyv%2Bz9EQPXJNTiS9K2c%2FQesmJRLrxEik5QwKg4KZCb6V7kS61fJghUaNTJIt0kc5cV"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 81d38a56491d2c39-FRA
expires: 0

POST
H2 200 auction Show response
helloworld.holid.io/openrtb2/ 269 B
621 B 96ms
85ms XHR
application/json 2606:4700:3037::ac43:b509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helloworld.holid.io/openrtb2/auction
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f41827646d2007bd2fc15e57f891f38aacbcd1dfdd71f7718f63ebe1b3a216bb

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Oct 2023 13:31:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-prebid: pbs-go/unknown
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TO6FC6gOxS2ch%2BbZHslYsz%2Bd4zb7imQRtqOLFe%2FjPSC3WaDbQAUHP9pCQXDL7z1t1bm6vBk6W3yeXICl9nX8j4FOUgsDfAKFnicUI7FK75mPd45XGpfkI6uy65LMKt5P1hcJtFnUC39hvWX2o50PAoD4"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 81d38a56491a2c39-FRA
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
532 B 153ms
63ms XHR
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.footem.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 13:31:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 422 KB
132 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1882
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135316
x-xss-protection: 0
server: cafe
etag: 9779678222609117831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 27 Oct 2024 13:00:17 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 166ms
16ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19725
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjPPhslWyVGx0Ou9QySHeXWqHgcTD6QuO5rJP3YjUwezoAmfCKgz11GcotDmEGtcT8VVx2m%2BL5cnzZtw1x45l19EVrscQJqBRSC7mufKlIYRmmkFZYECMYK6h3fdDVZlJzZ6uwuB9n6f1LTW1g8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81d38a57f9f09ba1-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 362ms
362ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=831386182147235&correlator=970723184032637&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&iu_parts=21756427176%2CDefault2%2CDefault3%2CDefault11&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%7C980x300%7C970x250%7C980x120%7C970x90%7C980x250%7C980x150%7C980x240%7C970x120%2C728x90%7C980x300%7C970x250%7C980x120%7C970x90%7C980x250%7C980x150%7C980x240%7C970x120%2C728x90%7C980x300%7C970x250%7C980x120%7C970x90%7C980x250%7C980x150%7C980x240%7C970x120&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698499900046&lmt=1698440054&adxs=315%2C315%2C315&adys=98%2C2191%2C1697&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.footem.site%2F&vis=1&psz=970x0%7C970x0%7C970x0&msz=970x0%7C970x0%7C970x0&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&ga_vid=142891821.1698499900&ga_sid=1698499900&ga_hid=203370907&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY5uTus7cxSABSAghk&dlt=1698499899592&idt=395&adks=3152758767%2C619223431%2C3448955163&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32ee20f73583c5ffc95c8028466f6b81e434644f6bbad3b8098ea7a93d217067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10158
x-xss-protection: 0
google-lineitem-id: -2,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.footem.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b177186d4ec9d97448b63b3123bee989.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F37E 6 KB
3 KB 78ms
15ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b177186d4ec9d97448b63b3123bee989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 13:31:40 GMT
expires: Sun, 27 Oct 2024 13:31:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 80ms
57ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0463d10b034e59588b80bdae1505fd152d2ad9c89aaa022d0486ff324d4243f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12222
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 48ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 13:31:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0EB1 13 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 98405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 10:11:35 GMT
expires: Sat, 26 Oct 2024 10:11:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 249E 829 B
1 KB 53ms
28ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7597f96c860ad6789dc68cbbb61cee06acfa9575f4831a826f5fe6be3acc3bbc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YFXM7pB4P6wYXnLH5GauQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YFXM7pB4P6wYXnLH5GauQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 13:31:40 GMT
expires: Sat, 28 Oct 2023 13:31:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EB1 38 KB
15 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 07:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Oct 2024 07:48:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 249E 0
0 41ms
40ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310190101&jk=831386182147235&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0EB1 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?geZZaQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:31:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310190101&jk=831386182147235&bg=!8_Cl8L_NAAbo5yKYyOc7ADQBe5WfOFtO60f38jo0Gjna4umehYlzc-M2V6LGfbIgC8d0s20ngazxrLjVKblJ_Qahj4Y5AgAAAGNSAAAAA2gBBwoAsTkeMMl2AYrLcSpWVQl-I_MUcBPTmLKI2Nb988QNnbrtfSRH9Wnt06vvwwo3O7mkn_WIFDyHHIlBHXwaG4YSQAuW_sIH816CC_Rw31FjMTnwAgCYtzYeXHun9FlteiiLTeN2zfTCr0P7x0QCCt6tHxGs0ve_Vw2vUx167SZWgwkQixStSD8KBCEO0GeIj30bEQxs7yNThGxUChcHLMxxik5iY_fkiqlkZ-ryaAgON1NV35kCsSmxgiqWlpXUWkSUYp7ZFfO77BixuOPg32ql0tlI4AWfwQqNN7ZZbn4YF2zPAIhaww9X4wZ-ejEokwfDhBngVKWQEb-IvsfwQRO8ZjdoMxuW1WesVa6BaU2Gvdt6OEi_petDUqjIR0tz33Bz58dHd3UYFW7v-WRK5nbBYhOz7luRnLEdIWgWkXj3XnY9mO9wObUn16mQM9t4UiIZJHoqy7-A887SdAruuqG7e17K7eCVUbNKSF6t_T0BbtHKctCWC9y0hkhuNqdJxiWRNSlmRLY-vXHTUNlSUKJFiSOM8Tg2HDVSbfUJg68sfuxuRm43H8qVbMWdR6L2WmWfDKRKYv0udpdDnKfytJx7TAW0MQKCce8byv6LHHBD04v62VpDNV2URGkc-lQCodUf2Y9sOQWHUWL2pQR_yJNCytSPeZgMUBDfGCSzqS8D0YRDLzEf1DGRZmwjgLZgYClr6p3lunPrkWKzjUivDQxyQMlANi4a06lmE043rY_2et9A5TrjZ1dfhq_EpT4yxpjHO4naJyNMTG2babhULMe2pJta6NLm8ImBNWqDdYUIQ9jWjj3MKfNqaBI1GEaCKRoXLMrWEJcJu1oNeOJXHYu1XIizvttliH3GEt_TR7W4UZAwnxZS1MoPWj2X6kuZby3dEwr87giqNSxGWrO2nsTBJbFappcl0UxmK5PpBQCWg9KwS2RYkfzDe_o6QOp3aU-3Sofxi9K4ei6aSyNXhA2LWomnUzws2kq1WIbLUWRwkd5Bh2k7wyID6hWA7StUeT2wAVGRz_mCk2YywINlqQUXWhIXUO0xCr5OfpnLB-j62sTsragKjjWB2HhxEIhsnAXKk0nC6BN9xsKj5koprF6FJajHQx5SgMS1tIbS-Mdvj-8ReJI080Evae9-8bq5pKFi0rY3ShWF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.footem.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B108 281 B
554 B 41ms
8ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 28 Oct 2023 13:31:43 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DCA1 52 KB
17 KB 55ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.holid.io
URL: https://ads.holid.io/prebid8.5.0.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.footem.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 12933
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 28 Oct 2023 13:31:43 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1928, 87971
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230139-FRA
X-Timer: S1698499903.089251,VS0,VE0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B108 40 KB
11 KB 24ms
23ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d79acf1c1d0cf52642310a60878e54ad6bf1adc5f9cfc70ce17371a16643028c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sat, 28 Oct 2023 13:31:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 20:32:04 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=25276
Connection: keep-alive
Content-Length: 11052
Expires: Sat, 28 Oct 2023 20:32:59 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame DCA1 0
595 B 18ms
18ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 13:31:43 GMT
an-x-request-uuid: 0c5223e0-3012-4d2c-b2b2-fd6fab20f0db
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame B108 7 B
380 B 47ms
8ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame DCA1 0
596 B 8ms
7ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 13:31:44 GMT
an-x-request-uuid: ff52decb-7342-45b3-aa18-8102f83087bb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.footem.site/	1970-01-21 01:24:19	Name: _ga Value: GA1.2.142891821.1698499900
.footem.site/	1970-01-20 15:49:46	Name: _gid Value: GA1.2.1228922194.1698499900
.footem.site/	1970-01-20 15:48:19	Name: _gat_blogger Value: 1
www.footem.site/	1970-01-20 16:31:31	Name: _pbjs_userid_consent_data Value: 3524755945110770
.rubiconproject.com/	1970-01-21 00:33:55	Name: khaos Value: LOA2ZIG0-22-CCWR
.rubiconproject.com/	1970-01-21 00:33:55	Name: audit Value: 1\|naVuGyos1qpBaoDwBMihCyAkF7RiBdb4AgvEG2sPPZosxPxU5qr+6DRJf6mAtsb/a+Vjt0jshc2PecTVxC7/COBxGCOXoSK1hMgX/zf88te+xUA9sgf/4b7FQD2yB//h
.adnxs.com/	1970-01-20 17:57:55	Name: icu Value: ChkIl9KIARAKGAEgASgBMLua9KkGOAFAAUgBELua9KkGGAA.
.adnxs.com/	1970-01-20 17:57:55	Name: uuid2 Value: 3076313975938155717
.doubleclick.net/	1970-01-20 15:48:20	Name: test_cookie Value: CheckForPermission
.footem.site/	1970-01-21 01:09:55	Name: __gads Value: ID=0f1fed12c3b32581:T=1698499900:RT=1698499900:S=ALNI_Ma1psxLBbr_in-uyTqScZkHf9q3Sg
.footem.site/	1970-01-21 01:09:55	Name: __gpi Value: UID=00000cabf502891c:T=1698499900:RT=1698499900:S=ALNI_Ma0dJSJkaMg-CpmEdmpox_Y2m9MXg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.holid.io
adx.adform.net
b177186d4ec9d97448b63b3123bee989.safeframe.googlesyndication.com
blogger.googleusercontent.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
helloworld.holid.io
ib.adnxs.com
images.fotmob.com
pagead2.googlesyndication.com
raw.githack.com
rawcdn.githack.com
securepubads.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
www.blogger.com
www.footem.site
www.google-analytics.com
www.google.com
151.101.193.108
18.244.28.6
2602:803:c003:200::61
2606:4700:3037::ac43:b509
2606:4700:3038::6815:eae6
2606:4700::6810:5714
2606:4700::6811:180e
2a00:1450:4001:801::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2009
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2013
37.157.3.20
37.252.171.52
69.173.144.139
95.101.149.233
0463d10b034e59588b80bdae1505fd152d2ad9c89aaa022d0486ff324d4243f6
05cf9fa2b461313f282fc769494de08ac20917b3af2f5e2a952577884ac977b3
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21446e2240e48192f2bb32b33eb3e4b76c96fa1a68084fdd1b284dc20bd30195
22a06016dd2011033d42ea148f8d8b36347c24182cd35da1db30eb33c0bf4ea9
271bb7338cb0d130874514ca05043735c8a06248737d0c8df70dd4a1a729746f
28953006bc7c2921bfc60026325a7736247f756a4c991ac00bd4a78bfcf780c2
32ee20f73583c5ffc95c8028466f6b81e434644f6bbad3b8098ea7a93d217067
3b4813feb6ec8ee6bff58ead712307432844ce8e60502b6331530a3a886bedaf
3c5fbe09a63091037abdd6cb7dbbc04cb5d9884fa7683f614781ff2964fba47f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3decf3353c4f957295d4645acd8be08b3cc4055f120f611c959391b1856a996d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4bf2581a1797321eb95ae5dc00473465fa58e94704ba44b5c64d2ad368c801a4
54a53ae8d9a3a099bb2cc967237d2a4c4bab22b976b6ffa59ebaa7d2e8272ca9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cc5c753fac681d45b9ef305197694b57e3690d5257f2576274fdbd45f96cbc
5f2ff871cd7f284064ca188d22dd0b8f2abb173b4f3cb03a7487d23717273021
5f387c2c33c6f8d0d80b07b2c78e243254aa53308da9f063050e9416733e765a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64687be0ebc03d225dc33d8fd78be938f3b511f4c9dc3bb5a615caa407d5bc2c
6641f3ed7966108f950fcbdb2f5ce8f7fdb54ef24fb0bd4c19258b49aa493830
680aa098b117ae7f76cd4f854d92649e6b2eca4d55d275a84a57f8f97f490f91
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
72235d84d9baa8eaca747b9cef50e1a4c75ac3bc20084886246a5d7c58ef7eb5
74e5c1d91046c801d4053a649c9daa4b186e6c617981c9e9f04d92d0c3a13d07
7597f96c860ad6789dc68cbbb61cee06acfa9575f4831a826f5fe6be3acc3bbc
7609de7faabb98dea0f3491e5177bb996889aaf6f95783402f16a31b44d5c593
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80d029d3432f499f96fa52cd26fb05054983788ee1d0db7c01a97b6b86756c47
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
87efbc0fc1d805fe738e2fe2e7d7ffeb46255311b3df442e894c195afb2aea86
8d851ea913ba751ce5ca5bd6b03f24e84bb33a9568dbe869d602209416c5dd34
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
992d7259464235385c39e64585ea31df653ba887caf3fcb7c5deaa9c5b99f009
9af227d76624335e290dc70aaef77227f4c63cb96588f9663bc59fd3c6f42cf1
9d8e9764f5e9c8384ee950d892adcda9c0bf40218e1e49d85221b80b47dc9309
a12e9d389d759c1c5da338104b603b194a42dde9d8ac75276e72562c8308c19a
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aab0fab6ad0729167c52fb01c169df413c981d341b149aa490f1608c7b7434c2
ae573b6f992cf5000b2d4c9c439c487ec20268df27acce4b58ba13d1ebe3a457
b1e79529cab34e8a3c245f8bbd1b767c5ba3e54dd8a342e6b255c1c2df79b6ca
c1bff030fda2d82d61ff537a1e79fdfe13ea6702685fb8b957f1294fef0e1df0
c5911676f9bd1992093fe1d410880a7cf89757c70c9c9fe1f6923c1d1d6ceef1
c7580edcec68a30619b8a3ff408d6d3974be8da73098f3235d5065529d330db7
d1737eb77b6b58644bd04aab3ac2cb0ebe65b7c5a2d779b6aa3d76c22d84a2a0
d79acf1c1d0cf52642310a60878e54ad6bf1adc5f9cfc70ce17371a16643028c
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
e912b43c052175543ef9fc1bab4ed57456d8f5e60d301129b9872136b425cc02
f41827646d2007bd2fc15e57f891f38aacbcd1dfdd71f7718f63ebe1b3a216bb
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

www.footem.site Open in urlscan Pro 2a00:1450:4001:831::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

71 %IPv6

16 Domains

23 Subdomains

22 IPs

4 Countries

918 kBTransfer

2162 kBSize

11 Cookies

14 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.footem.site Open in urlscan Pro
2a00:1450:4001:831::2013 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

71 %
IPv6

16
Domains

23
Subdomains

22
IPs

4
Countries

918 kB
Transfer

2162 kB
Size

11
Cookies

64 HTTP transactions
1 data transactions