www.onfootmoney.com Open in urlscan Pro
54.208.252.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.onfootmoney.com/
Effective URL:
https://www.onfootmoney.com/
Submission: On March 07 via api (March 7th 2024, 9:31:06 pm UTC) from US — Scanned from DE

Summary HTTP 65 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 13 domains to perform 65 HTTP transactions. The main IP is 54.208.252.81, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.onfootmoney.com.
TLS certificate: Issued by R3 on January 11th 2024. Valid for: 3 months.

This is the only time www.onfootmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.230.43.178 3.230.43.178	14618 (AMAZON-AES) (AMAZON-AES)
1	54.208.252.81 54.208.252.81	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:205... 2600:9000:2057:7200:15:515:3740:93a1	16509 (AMAZON-02) (AMAZON-02)
3	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
21	2600:9000:275... 2600:9000:275d:be00:1e:7b69:edc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:236... 2600:9000:236e:a800:1e:a36b:f680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	146.75.116.193 146.75.116.193	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	162.55.95.216 162.55.95.216	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:25e... 2600:9000:25e8:fa00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.236.167.79 44.236.167.79	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
65	19

1 3.230.43.178 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-43-178.compute-1.amazonaws.com

www.onfootmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.252.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-252-81.compute-1.amazonaws.com

www.onfootmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:7200:15:515:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.airbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.91 (United States)

ASN54113 (FASTLY, US)

static.woopra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:275d:be00:1e:7b69:edc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.airbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:236e:a800:1e:a36b:f680:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.airbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.95.216 (Bergen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.216.95.55.162.clients.your-server.de

www.woopra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25e8:fa00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.167.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-167-79.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	airbit.com app.airbit.com cdn.airbit.com api.airbit.com	8 MB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	227 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2089	21 KB
4	stripe.com js.stripe.com — Cisco Umbrella Rank: 1155 m.stripe.com — Cisco Umbrella Rank: 1134	170 KB
3	gstatic.com fonts.gstatic.com	24 KB
3	woopra.com static.woopra.com — Cisco Umbrella Rank: 49034 www.woopra.com — Cisco Umbrella Rank: 39052	13 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	244 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1243	16 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	5 KB
2	onfootmoney.com 1 redirects www.onfootmoney.com	16 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7986	35 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	924 B
65	13

	Domain	Requested by
21	cdn.airbit.com	www.onfootmoney.com
8	pagead2.googlesyndication.com	www.onfootmoney.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	api.airbit.com	app.airbit.com
4	app.airbit.com	www.onfootmoney.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.onfootmoney.com
3	www.googletagmanager.com	www.onfootmoney.com www.googletagmanager.com www.google-analytics.com
3	js.stripe.com	www.onfootmoney.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.woopra.com	static.woopra.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.onfootmoney.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	m.stripe.com	m.stripe.network
1	region1.google-analytics.com	www.googletagmanager.com
1	i.imgur.com	www.onfootmoney.com
1	static.woopra.com	www.onfootmoney.com
1	fonts.googleapis.com	app.airbit.com
65	19

This site contains links to these domains. Also see Links.

Domain
accounts.airbit.com

Subject Issuer	Validity	Valid
www.onfootmoney.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
airbit.com Amazon RSA 2048 M01	`2023-08-14` - `2024-09-10`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
static.woopra.com R3	`2024-02-19` - `2024-05-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
woopra.com R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.onfootmoney.com/
Frame ID: 304E253C29EA9D89631227E0E92DE7C9
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html
Frame ID: 002561C7BA0152F3757DCEA240E52CE2
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 95F038D92494FFBE55356D47891E53DB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3507318516874040&output=html&adk=1812271804&adf=3025194257&lmt=1709847061&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_r&format=0x0&url=https%3A%2F%2Fwww.onfootmoney.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709847060654&bpp=1&bdt=636&idt=502&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1828053859014&frm=20&pv=2&ga_vid=842547452.1709847061&ga_sid=1709847061&ga_hid=287983161&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95325752%2C31081641%2C95320377%2C95321865%2C95324161%2C95325785%2C95326431%2C95326920&oid=2&pvsid=4136832470353738&tmod=264786366&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=517
Frame ID: A40ECFBCD73D0ABAB22EF89FF2510D68
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4E873EEB22482614915D73DA657CCAE9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 138D36B027887760742ACE502C4FAE4D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C651107436197DF5C4144D48B88F628
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ONFOOTMONEY!

Page URL History Show full URLs

http://www.onfootmoney.com/ HTTP 308
https://www.onfootmoney.com/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Woopra (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.woopra\.com

Page Statistics

65
Requests

100 %
HTTPS

65 %
IPv6

13
Domains

19
Subdomains

19
IPs

2
Countries

8850 kB
Transfer

10697 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://accounts.airbit.com/password/reset
Title: Forgot password?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.onfootmoney.com/ HTTP 308
https://www.onfootmoney.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.onfootmoney.com/
Redirect Chain

http://www.onfootmoney.com/
https://www.onfootmoney.com/

74 KB
15 KB

631ms
394ms

Document
text/html

54.208.252.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.208.252.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-252-81.compute-1.amazonaws.com
Software: Caddy Apache/2.4.52 (Ubuntu) /
Resource Hash: d1a09dcdf4c362a65eee99ae090b0e3420a13d6e5865f60dcab71ce24d9418fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Accept-Encoding, Accept-Language, Authorization, X-Request-With, Cache-Control, Host, X-Requested-With, X-XSRF-TOKEN, X-Authorization, x-socket-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-encoding: gzip
content-length: 14010
content-type: text/html; charset=UTF-8
date: Thu, 07 Mar 2024 21:30:59 GMT
server: Caddy Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding,User-Agent

Redirect headers

Connection: close
Content-Length: 0
Date: Thu, 07 Mar 2024 21:30:59 GMT
Location: https://www.onfootmoney.com/
Server: Caddy

GET
H2 200 libs.css
app.airbit.com/assets/infinity/css/ 283 KB
45 KB 172ms
42ms Stylesheet
text/css 2600:9000:2057:7200:15:515:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.airbit.com/assets/infinity/css/libs.css?id=4acfd95118da1f9aa9e2
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7200:15:515:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: eb344edd44a97b3ec8293c6999c2dca57ad14732a5df4da72cb8c6d2353a71b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 07:10:40 GMT
content-encoding: gzip
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Feb 2024 19:40:30 GMT
server: Apache/2.4.52 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 51622
etag: "46aa9-6124e150a2780-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 45469
x-amz-cf-id: Ue7Nx_bNSZfED9HsybcxbiGSgjifH3tLz7pj6K00cGyJzlyZvujHPw==

GET
H2 200 infinity.css
app.airbit.com/assets/infinity/css/ 125 KB
24 KB 173ms
43ms Stylesheet
text/css 2600:9000:2057:7200:15:515:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.airbit.com/assets/infinity/css/infinity.css?id=db1446c0b8810cc1a5fe
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7200:15:515:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: d2a2044b9c208f850133e155f9ed6be70104c0dc78367ae6d84881719ded2c60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 09:41:31 GMT
content-encoding: gzip
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Feb 2024 19:40:30 GMT
server: Apache/2.4.52 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 42569
etag: "1f2c7-6124e150a2780-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 24308
x-amz-cf-id: G3RBHXsOPDIvEwKu1iTQSaYTgDuBtitXTu9zi2yV1mzFkhloXoH9lA==

GET
H2 200 libs.js Show response
app.airbit.com/assets/infinity/js/ 266 KB
266 KB 60ms
45ms Script
text/javascript 2600:9000:2057:7200:15:515:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.airbit.com/assets/infinity/js/libs.js?id=0661631378937c491318
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7200:15:515:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: d0b350b364a9af4fadce4280eac6748d743fab9cc555cfb90cd4cb096a01435b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 08:15:54 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Feb 2024 19:40:30 GMT
server: Apache/2.4.52 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 47987
etag: "426d5-6124e150a2780"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 272085
x-amz-cf-id: TjUwQ4hCE71igRc26atu7illMnm91obFB8IkjOqWIgtTAcRZ7ToMyA==

GET
H2 200 / Show response
js.stripe.com/v3/ 604 KB
168 KB 129ms
38ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1fdae05695fc8be43a88dc97c9a285c87b3f7d7e01f14469dc29c80cfa5e23ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Mar 2024 21:31:00 GMT
via: 1.1 varnish
age: 17
x-cache: HIT
content-length: 171219
x-request-id: a4b6e225-8fb3-4b9c-8d5a-fc9edb034c66
x-served-by: cache-fra-etou8220125-FRA
last-modified: Thu, 07 Mar 2024 18:53:09 GMT
server: Fastly
etag: "24a8cfd3b02982ef80080c91b3954fdd"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 212ms
95ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3507318516874040

Requested by

Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a2b5374122b3223bb5202ac7c57383d871fc324fe8aa42fbcebf5a2112b7257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onfootmoney.com/
Origin: https://www.onfootmoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50865
x-xss-protection: 0
server: cafe
etag: 9423789020509272356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 07 Mar 2024 21:31:00 GMT

GET
H2 200 infinity.js Show response
app.airbit.com/assets/infinity/js/ 7 MB
7 MB 58ms
44ms Script
text/javascript 2600:9000:2057:7200:15:515:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.airbit.com/assets/infinity/js/infinity.js?id=2f265fbc10ca141bbbf9
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7200:15:515:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 0fce4538c4756f0adda0138119bab69bde5b3a12a60bf550e816a5ea9568d1c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 08:45:56 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Feb 2024 19:40:30 GMT
server: Apache/2.4.52 (Ubuntu)
x-amz-cf-pop: FRA6-C1
age: 45972
etag: "74d2f8-6124e150a2780"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 7656184
x-amz-cf-id: EJTt9iopjmChkXcXsJL2P4v6_cXKZB_l_4apv6zWKQkNaUkNRLb2Bw==

GET
H2 200 css
fonts.googleapis.com/ 3 KB
924 B 135ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500,600

Requested by

Host: app.airbit.com
URL: https://app.airbit.com/assets/infinity/css/infinity.css?id=db1446c0b8810cc1a5fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63d2ed5694f124b34a302287e59fcfa2a02915256d1d74aa6b1064ecacffcba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.airbit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Mar 2024 21:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 20:12:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Mar 2024 21:31:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 242 KB
82 KB 180ms
76ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCVMVPG

Requested by

Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a049e330ff65843859bec4aea005f90863257a1efeff40ff237027c800901ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83377
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Mar 2024 21:31:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/ 405 KB
137 KB 173ms
94ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3507318516874040&plah=www.onfootmoney.com&aplac=true&bust=31081641

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3507318516874040

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c65456d619775be9c5834766d4b3a683b79c256308245515a232f1600f5edc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140615
x-xss-protection: 0
server: cafe
etag: 13896382704694609257
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Mar 2024 21:31:00 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame 0025 9 KB
4 KB 125ms
38ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3507318516874040

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onfootmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51334
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 07:15:26 GMT
etag: 5035419970550746386
expires: Thu, 21 Mar 2024 07:15:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 w.js Show response
static.woopra.com/js/ 37 KB
13 KB 136ms
39ms Script
text/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.woopra.com/js/w.js
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 99de63f5da432e6e1703320047f01d18d721107a37db27717a0f9060d84e9039

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 34904
x-cache: HIT, HIT
content-length: 13005
x-served-by: cache-iad-kjyo7100129-IAD, cache-fra-etou8220094-FRA
last-modified: Thu, 11 Jan 2024 02:48:03 GMT
server: Apache/2.2.15 (Red Hat)
x-timer: S1709847061.821331,VS0,VE0
etag: "21dbc-9518-60ea29394e59b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 872, 450

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
80 KB 60ms
58ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7677LB9PML&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCVMVPG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

027f3a466ae915adbfdbda10d134103f424108a966cf12f6bb6e7304e230f0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Mar 2024 21:31:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCVMVPG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Mar 2024 19:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6172
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Mar 2024 21:48:08 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 130ms
43ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.onfootmoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 09:00:04 GMT
x-content-type-options: nosniff
age: 217857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 09:00:04 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 138ms
54ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.onfootmoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:57:38 GMT
x-content-type-options: nosniff
age: 218003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:57:38 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 130ms
47ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.onfootmoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:21:35 GMT
x-content-type-options: nosniff
age: 245366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 01:21:35 GMT

GET
H2 200 f1887b75488599330521603d73f8d7a7.png
cdn.airbit.com/infinity/logos/ 2 KB
3 KB 719ms
566ms Image
image/png 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/infinity/logos/f1887b75488599330521603d73f8d7a7.png
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 328dd08e32c1360c9e87c0ac3c5fe9b2fd0ead59f7d011423f08bc9608d17f3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: fzaumhC8cz7j4HthzzL29FfX08IK35hv
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2024 20:22:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "c0d26e80cde0c9cdd5b343fd590807c4"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2444
x-amz-cf-id: wc4dQyI_WvoKJVfu-IJbxf3H2NmiFz19aEBTHWhdaJFju6s7v4K1UQ==

GET
H2 200 beats Show response
api.airbit.com/users/649348/ 47 KB
5 KB 393ms
259ms XHR
application/json 2600:9000:236e:a800:1e:a36b:f680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.airbit.com/users/649348/beats?page=1&limit=20&search=&user_id=649348&expand=tags&genre=0&moods=&added=0&order=&tags=&tempo=
Requested by: Host: app.airbit.com
URL: https://app.airbit.com/assets/infinity/js/infinity.js?id=2f265fbc10ca141bbbf9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a800:1e:a36b:f680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 9d9340ec0a9307ca8c2d4cefec473a56065fa3d826fd5345dee4651ccfcdc804

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.onfootmoney.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:01 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 4478
server: Apache/2.4.52 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
vary: Accept-Encoding,User-Agent
access-control-allow-headers: Origin, Content-Type, Accept, Accept-Encoding, Accept-Language, Authorization, X-Request-With, Cache-Control, Host, X-Requested-With, X-XSRF-TOKEN, X-Authorization, x-socket-id
x-amz-cf-id: sjzlAOCDoUk7Rp_kxMloKch4tf41S4xeS_4G7S1dK5tgFeyzVJIo5A==

GET
H2 200 YB4fJJk.gif
i.imgur.com/ 35 KB
35 KB 147ms
49ms Image
image/gif 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/YB4fJJk.gif

Requested by

Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c4e97edb4a8980564138ef96147a7ae04fe9472a4eaebb77a0c00e07606b887b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:01 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C4
age: 687064
x-cache: Miss from cloudfront, HIT, HIT
content-length: 35421
x-served-by: cache-iad-kjyo7100059-IAD, cache-fra-eddf8230049-FRA
last-modified: Fri, 05 Oct 2018 17:30:09 GMT
server: cat factory 1.0
x-timer: S1709847061.048028,VS0,VE2
etag: "56716558e567a88aacfd3409d9fb0963"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2HflmSOUfUv_R1TkZjy_Vb4pMLQtvt8Hkr45yOIaQytC780FR8bLMQ==
x-cache-hits: 110, 1

GET
H2 200 moods Show response
api.airbit.com/users/649348/beats/ 750 B
870 B 329ms
196ms XHR
application/json 2600:9000:236e:a800:1e:a36b:f680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.airbit.com/users/649348/beats/moods
Requested by: Host: app.airbit.com
URL: https://app.airbit.com/assets/infinity/js/infinity.js?id=2f265fbc10ca141bbbf9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a800:1e:a36b:f680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 89c46e3012d95c10dfb5ce5960d9c0db3e8e60b70712878ec23e0c3a9228b288

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.onfootmoney.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:01 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 271
server: Apache/2.4.52 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
vary: Accept-Encoding,User-Agent
access-control-allow-headers: Origin, Content-Type, Accept, Accept-Encoding, Accept-Language, Authorization, X-Request-With, Cache-Control, Host, X-Requested-With, X-XSRF-TOKEN, X-Authorization, x-socket-id
x-amz-cf-id: a4THPyLSQC9U_v4avZHF45MFJpxO8fmr6C6QHUyzkprhGsxnROZ-Ug==

GET
H2 200 genres Show response
api.airbit.com/users/649348/beats/ 219 B
733 B 328ms
195ms XHR
application/json 2600:9000:236e:a800:1e:a36b:f680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.airbit.com/users/649348/beats/genres
Requested by: Host: app.airbit.com
URL: https://app.airbit.com/assets/infinity/js/infinity.js?id=2f265fbc10ca141bbbf9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a800:1e:a36b:f680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 1431b3548cbf354d3f873a9424219256df242f198520f0f26b5ed6d93663d2b5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.onfootmoney.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:01 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 133
server: Apache/2.4.52 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
vary: Accept-Encoding,User-Agent
access-control-allow-headers: Origin, Content-Type, Accept, Accept-Encoding, Accept-Language, Authorization, X-Request-With, Cache-Control, Host, X-Requested-With, X-XSRF-TOKEN, X-Authorization, x-socket-id
x-amz-cf-id: C8GMp-Zg3AmpIqQpMkVx6CCVr1vbJ4BbHp5G1q7PAVaAEpRNfKpCbA==

GET
H2 200 short Show response
api.airbit.com/url/ 35 B
653 B 330ms
197ms XHR
application/json 2600:9000:236e:a800:1e:a36b:f680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.airbit.com/url/short?url=https:%2F%2Fonfootmoney.com
Requested by: Host: app.airbit.com
URL: https://app.airbit.com/assets/infinity/js/infinity.js?id=2f265fbc10ca141bbbf9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a800:1e:a36b:f680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: b1480bef9fe96acaec4e731f183058172f0776e30632cf9cb69687159b99fdf9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.onfootmoney.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:01 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-length: 55
server: Apache/2.4.52 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
vary: Accept-Encoding,User-Agent
access-control-allow-headers: Origin, Content-Type, Accept, Accept-Encoding, Accept-Language, Authorization, X-Request-With, Cache-Control, Host, X-Requested-With, X-XSRF-TOKEN, X-Authorization, x-socket-id
x-amz-cf-id: SaJL49WsM9D5oI5iuMZWBS73w2z2NfRFUvaA3HXRK2GkZsjM2wHFRQ==

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 95F0 200 B
840 B 40ms
39ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onfootmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 236944
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 07 Mar 2024 21:31:01 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 106484
x-content-type-options: nosniff
x-request-id: 0c380588-c574-40c6-a703-5fcb3d85e417
x-served-by: cache-fra-etou8220125-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
162 B 46ms
46ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=287983161&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onfootmoney.com%2F&ul=en-us&de=UTF-8&dt=ONFOOTMONEY!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=159044192&gjid=1047078732&cid=842547452.1709847061&tid=UA-91807727-5&_gid=1066782967.1709847061&_r=1&_slc=1&gtm=45He4340n81WCVMVPGv855502565za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1965120030

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

29afa58720911c7789dce468d2903946b32d24a75b13a8a39209d6f7617ec4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onfootmoney.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 21:31:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.onfootmoney.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 39ms
39ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=287983161&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onfootmoney.com%2F&ul=en-us&de=UTF-8&dt=ONFOOTMONEY!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=842547452.1709847061&tid=UA-91807727-5&_gid=1066782967.1709847061&gtm=45He4340n81WCVMVPGv855502565za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=651977175

Requested by

Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 09:00:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45006
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 136ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7677LB9PML&gtm=45je4340v9117446483z8855502565za200&_p=1709847060390&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=842547452.1709847061&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dt=ONFOOTMONEY!&dl=https%3A%2F%2Fwww.onfootmoney.com%2F&dp=%2F&sid=1709847061&sct=1&seg=0&en=page_view&_fv=1&_ss=1&tfd=2204
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7677LB9PML&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 21:31:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.onfootmoney.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A40E 603 B
112 B 205ms
205ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3507318516874040&output=html&adk=1812271804&adf=3025194257&lmt=1709847061&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_r&format=0x0&url=https%3A%2F%2Fwww.onfootmoney.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709847060654&bpp=1&bdt=636&idt=502&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1828053859014&frm=20&pv=2&ga_vid=842547452.1709847061&ga_sid=1709847061&ga_hid=287983161&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95325752%2C31081641%2C95320377%2C95321865%2C95324161%2C95325785%2C95326431%2C95326920&oid=2&pvsid=4136832470353738&tmod=264786366&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=517

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3507318516874040&plah=www.onfootmoney.com&aplac=true&bust=31081641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onfootmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 21:31:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=app-player%20player-wrapper%20bg-mid-grey%20open&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 21:31:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&id=top-navbar&cls=top-menu%20navbar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 21:31:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.woopra.com/track/ce/ 0
160 B 391ms
108ms Script
text/javascript 162.55.95.216
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.woopra.com/track/ce/?project=airbit.com&instance=woopra&meta=&screen=1600x1200&language=en-US&app=js-client&referer=&cookie=5zPX5VTR0SPh&event=pv&timeout=600000&idptnc=cM978Uf4HI2i&ce_url=%2F&ce_title=Infinity%20Store%20-%20Onfootmoney%20%7C%20Homepage&ce_pageTitle=ONFOOTMONEY!&ce_domain=www.onfootmoney.com&ce_uri=https%3A%2F%2Fwww.onfootmoney.com%2F&ce_scroll%20depth=1&ce_returning=false
Requested by: Host: static.woopra.com
URL: https://static.woopra.com/js/w.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.95.216 Bergen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.216.95.55.162.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Mar 2024 21:31:01 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
content-type: text/javascript; charset=utf-8

GET
H2 200 / Show response
www.woopra.com/track/ce/ 0
161 B 386ms
103ms Script
text/javascript 162.55.95.216
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.woopra.com/track/ce/?project=airbit.com&instance=woopra&meta=&screen=1600x1200&language=en-US&app=js-client&referer=&cookie=5zPX5VTR0SPh&event=pv&timeout=600000&idptnc=QMgxoustdQlj&ce_url=%2F&ce_title=Infinity%20Store%20-%20Onfootmoney%20%7C%20Homepage&ce_pageTitle=ONFOOTMONEY!&ce_domain=www.onfootmoney.com&ce_uri=https%3A%2F%2Fwww.onfootmoney.com%2F&ce_scroll%20depth=1&ce_returning=false
Requested by: Host: static.woopra.com
URL: https://static.woopra.com/js/w.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.95.216 Bergen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.216.95.55.162.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 07 Mar 2024 21:31:01 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
content-type: text/javascript; charset=utf-8

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 95F0 526 B
449 B 39ms
39ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Mar 2024 21:31:01 GMT
via: 1.1 varnish
age: 236943
x-cache: HIT
content-length: 315
x-request-id: eb0cb727-5faa-4325-9ff4-65c537173059
x-served-by: cache-fra-etou8220125-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 101740

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
82 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7677LB9PML&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6386d001939f7a7fcef69cd431a54b74f117a31c1951c97d1071633f1b88eaaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83944
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Mar 2024 21:31:01 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 4E87 930 B
2 KB 123ms
41ms Document
text/html 2600:9000:25e8:fa00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25e8:fa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 130
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 07 Mar 2024 21:28:52 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 316c3f6f9514dc45c45cd1b2385757cc.cloudfront.net (CloudFront)
x-amz-cf-id: VN-d_TaqnklO3vy_AK70NjhltuqQWhSOVBxcsCUdh675_n1EY-nXAw==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 0627e2f68e4470316e9b42667fd309b6@300x.jpg
cdn.airbit.com/artwork/ 16 KB
17 KB 468ms
468ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/0627e2f68e4470316e9b42667fd309b6@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f972159abe74120b98b4d695de27df3d8418bd96d6629bd49ab3a7efb6eb091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: RjUdE9xEMrfW4Ipf6Rcygi8onAaG_Die
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Sun, 03 Mar 2024 15:36:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "115668e3d630175f1de750f4166ef210"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 16512
x-amz-cf-id: 6xnhOKU9mBrelNQ6sdsIsIGZG0REaVeVuL4ouYcwO2OiDVh-JbQ2cw==

GET
H2 200 fb6ff3df2f2a9dd473af42b43773003d@300x.jpg
cdn.airbit.com/artwork/ 7 KB
8 KB 47ms
47ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/fb6ff3df2f2a9dd473af42b43773003d@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319d8e4ef337452006e10b4f33c66e775975d0d31772ae1a1b5c35acbecba2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 12:21:21 GMT
x-amz-version-id: KsryX.E6Q.ZEFKtSf7HjwVybFUSlFa8T
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Wed, 28 Feb 2024 12:00:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 724181
etag: "eef732281705c0cea038f7d9e1d90193"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 7494
x-amz-cf-id: vJHqP0YOwfxxYqbFCYWHbWjtkaCAmk92v6sZGrXMZxltBc5K75eOsw==

GET
H2 200 6f4bc2355d8d7660bb95f595b6289242@300x.jpg
cdn.airbit.com/artwork/ 12 KB
12 KB 478ms
478ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/6f4bc2355d8d7660bb95f595b6289242@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7236d0e8fbfe97b2972a79e602510d5fa7f29aa3a8d3027417df95c2f22e791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: DQq0sWAs17pOMr97HpUA7bKjeAlamm4T
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Sun, 25 Feb 2024 23:14:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "f4555d52f2888a669b17b43240f59aa5"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 11944
x-amz-cf-id: x36oI2z9G5-GUjfzhQ9oK7UK_v7RkGxLfgHOX_-0rr9x9W4DVoZsbQ==

GET
H2 200 f456989642179e4323c288df71ed3928@300x.jpg
cdn.airbit.com/artwork/ 11 KB
11 KB 525ms
525ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/f456989642179e4323c288df71ed3928@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e78dc064a4075486a47b498b89f70115c95c8885086a0d286143f631a3f367c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: ppa9WxNk8.CUVfB7GAF71D_GRVbcdrx_
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Sun, 25 Feb 2024 00:36:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "229b0c2dd7ba4d7db5938a3257f2c6a8"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 11159
x-amz-cf-id: IsQst2kchJGQXaXSnrsdjgUupeDbxLoZ7T5f44H8u83EA2MH5y3TNg==

GET
H2 200 92fe4328fa246e3427b58ce9155ab52e@300x.jpg
cdn.airbit.com/artwork/ 14 KB
15 KB 505ms
505ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/92fe4328fa246e3427b58ce9155ab52e@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77dc3afe9d08b83592bfa106196785a4b9da8ea6de0c3c3eae91363a7071e1b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: BSQQrUh_GL3XxGZ_xILYFO2.2oKN8gPN
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Sat, 24 Feb 2024 23:32:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "ff7c395854f9001a5d11240a8a30dc52"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 14770
x-amz-cf-id: cujXgKp2MCTkTX3vyJtwMVTy001R6Sz2vlAmpz-9sceECeq6HRCAXw==

GET
H2 200 38b216b0106193359ad5189810ba7551@300x.jpg
cdn.airbit.com/artwork/ 14 KB
14 KB 519ms
519ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/38b216b0106193359ad5189810ba7551@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 374fd394d388264a8f2ae3205ba83eb3bc78aa11b01a3609a0190dceed13d9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: RGs2Wcel7l6TAyf8ase6Metf_avJ5lee
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Sat, 24 Feb 2024 20:00:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "10a011690d854abd1134327ccca689fc"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 14107
x-amz-cf-id: zHBAytRgk2LJKJ3IhyFF-VZnftNQp7oyQsDXknVaAT8D1m_xuBfp2Q==

GET
H2 200 7b035c4dd67d2186b30f8dc16693f97f@300x.jpg
cdn.airbit.com/artwork/ 11 KB
12 KB 575ms
575ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/7b035c4dd67d2186b30f8dc16693f97f@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17c8270099242c6fbe85227f87402258ff4403c7ae976b91aa2298f7f1256938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: s5XwzBvp9w0GZ3Hpj_hmylRtJSAG415Q
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Thu, 22 Feb 2024 15:19:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "d0e8adf6807d81f3b286735e33135432"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 11573
x-amz-cf-id: w3qcH_QwaBsJlAncgTxW_CHaN7Jc7KnqFDK7GmEB3yzsTiW62lhXDA==

GET
H2 200 7e06f8620b12658bdaaf3b25ac65a804@300x.jpg
cdn.airbit.com/artwork/ 11 KB
11 KB 559ms
559ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/7e06f8620b12658bdaaf3b25ac65a804@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c522058abbf12e3b488eca97899a5511d5a146797104c8fc0f566ab69dff92f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: pv5._XvRIgHtbmssT2zwfCad3JU0QG1t
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Sat, 17 Feb 2024 22:18:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "515bbce70a9294161763e0c65ceef8ac"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 11307
x-amz-cf-id: BTWfuzX8VIVmiX089vuAGQJGd0BDu4kZYSvPfVF_7ndwv5IzDKbuhA==

GET
H2 200 bdf498c9c76a81f49524c5a1f450ccc9@300x.jpg
cdn.airbit.com/artwork/ 16 KB
16 KB 512ms
512ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/bdf498c9c76a81f49524c5a1f450ccc9@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e762c7e3115074ee51ab2fefd0e61c0b1b6d92219297e34428057963e624f776

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: T1pONqoV1z9mJJPcgk2NF971g68M3fcb
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Sat, 17 Feb 2024 04:27:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "b6c43c967a8f2ad1ce29c5ee18fcaef6"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 16316
x-amz-cf-id: D6hiY66Te1xX7hGmu-lWCEtPLsN9G522L1JWacoj6HjWEW8GWpmSdA==

GET
H2 200 f7d512b06f729e8eae5e59319b16a9c5@300x.jpg
cdn.airbit.com/artwork/ 11 KB
12 KB 529ms
529ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/f7d512b06f729e8eae5e59319b16a9c5@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b655fabf9febb21b7c17d92a0a693f07f412bb86643a02941d57604f0fee469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: aqHZ641uw5u.BSuwNpDBUwYN.emUbHdl
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Fri, 16 Feb 2024 01:29:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "8a25236b46386d709ce018fa8c3cf533"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 11687
x-amz-cf-id: pCP9idywSpLibCpf-Pe-ZFyRnFj0RlKokd_iPpIlH3gAYb7xI5E_eQ==

GET
H2 200 a2fbed83ffb2e73590a9ca8c0d2871e2@300x.jpg
cdn.airbit.com/artwork/ 14 KB
15 KB 544ms
543ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/a2fbed83ffb2e73590a9ca8c0d2871e2@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0424cac8e707a96b40c39486a5d8fffb929510088a68f4c60218bc293b62ae8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: 8p9eMxhdL98XyIpjTDn6Www7qhE9060W
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Thu, 15 Feb 2024 13:31:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "8136599c67456adb090344d5f171d6dd"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 14686
x-amz-cf-id: gjEgC_dTsUJn7CAhV63j_eebksPVnSAKVGxLBBn2dzwJscMOLL-rmQ==

GET
H2 200 41560913ef19246b63bb5daabe2b4507@300x.jpg
cdn.airbit.com/artwork/ 10 KB
10 KB 560ms
560ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/41560913ef19246b63bb5daabe2b4507@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6529bc3edc8e901642d8403af879ef48da7b07ff7efc0e63798705898f6e2a27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: vtI28Ql9rpxIWvYOV0vvkpBHHdoCxI.9
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Sun, 28 Jan 2024 17:19:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "4789568701ae5d0e0c50e1502fd7aacb"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 9883
x-amz-cf-id: z9GnuNAMVfzoMaazJ_wKwPx-rHI1HJ2KL5GkjRnDOzNufoEVN_3Atg==

GET
H2 200 0b1e5e46ceaf100205367a1606ed2894@300x.jpg
cdn.airbit.com/artwork/ 18 KB
18 KB 620ms
620ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/0b1e5e46ceaf100205367a1606ed2894@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41b779f5b794ce931f06c8755b186cb8e6eed89d12e37d7b2d4a70a7987b5f6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: JpoMFUSfU8VgGpl17IDL6BdUiiEd7_XT
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jan 2024 02:22:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "108594cbef12fb312a867544dc9353b0"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 18485
x-amz-cf-id: tpA449wPFyx42JYi-x2Dj5Ka3PLrbpTRdNcoLL6UdlYnvNrC3B3ROQ==

GET
H2 200 72333c4d2989a66efe52e15f82c08360@300x.jpg
cdn.airbit.com/artwork/ 8 KB
8 KB 575ms
575ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/72333c4d2989a66efe52e15f82c08360@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b644e4d56b42fe4f33bfa1ce16a44c1e02de6c9c863e67c94f46db3f10aa5133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: tiPmk5OT6F8QjptvI6.zrzZKrfYEISUg
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2024 20:01:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "1f674321f4925dce5c878fcd8d108689"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 7697
x-amz-cf-id: OUNDYmOzuLz8RSv1Jjy_8_pUOug66PIhiBrBC8CtKp3QoWW9SZ3GvA==

GET
H2 200 eb6bbb87b69703442eb688c4e7d2795f@300x.jpg
cdn.airbit.com/artwork/ 12 KB
13 KB 570ms
570ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/eb6bbb87b69703442eb688c4e7d2795f@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d2aceaca5334a00a9a439dc5ea48d63e621beead9d26f04f4e7e37ad2389578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: mX5TxS8SGaIw8I788ocFNjq4w8a3qplp
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Sat, 13 Jan 2024 23:10:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "d35941fce552c6da1f86f994d632feeb"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 12782
x-amz-cf-id: u57NLednF4pTt21fQenkwvA_YEPcZo2xIrGilbZD3OM2FtjCBckh5w==

GET
H2 200 df4b33df999479ea8ffda8ca492fff16@300x.jpg
cdn.airbit.com/artwork/ 9 KB
9 KB 548ms
548ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/df4b33df999479ea8ffda8ca492fff16@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 574de0b374ee4b3fe43932788222de0eb7426e15cfdce8d7ac53c8bb39e10994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: crX89TqPDNg4f6Iy0prT.uuzyIp9HGu2
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Sun, 07 Jan 2024 23:18:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "f725c2503a09b0728c5676a02c481bb6"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 8761
x-amz-cf-id: dUKTJsfD76gvkuIAwsT_s-4rumo8XlT1cOXdAMh_Nt0uAu9331Iueg==

GET
H2 200 00dfbb56ff2b37241319c08cb787ff23@300x.jpg
cdn.airbit.com/artwork/ 11 KB
12 KB 565ms
565ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/00dfbb56ff2b37241319c08cb787ff23@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e523e06c0417435deb86e875bbb2b6cbbb825bcb1d122912b2dbc8971394283e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: ThjYjUyU8Wrl9Ii1o3YbWb_Zu1WanGo8
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jan 2024 18:06:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "393d1a88218b0981f9e38a2273f53ca0"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 11544
x-amz-cf-id: 91bKI5VHitzBpIV5RovLPGqQrhq-jJ-an9UubUlGymJRAjcqdhY6wQ==

GET
H2 200 268b5d7378d5779bf42c0ab2cb2471ba@300x.jpg
cdn.airbit.com/artwork/ 13 KB
14 KB 563ms
562ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/268b5d7378d5779bf42c0ab2cb2471ba@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26749066e30d4773f68a0bb9d8242d7e3a6fe020c6d8fb76af9877981b8d3159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: lvlHn.KHnUIWmcQAJTip7zKuAbAnM9SF
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jan 2024 00:31:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "8faa3299452f2d75be6277f53a446c21"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 13533
x-amz-cf-id: sMthtOA_hLc7fkeqzru8FhcNbKbLDGoBcJUvTejskyaYhTjRrIsK5g==

GET
H2 200 6f468484707bc484805d290a8e2f3688@300x.jpg
cdn.airbit.com/artwork/ 9 KB
9 KB 96ms
95ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/6f468484707bc484805d290a8e2f3688@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87b732b4969c8e1046bb71f568d45b3e6548ad6952ad0df112a304ef2c5b7b21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:32:34 GMT
x-amz-version-id: BISGLGgXMKlrnLJnZuPbSWir8nbSRav8
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 02:50:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 194308
etag: "d37821782f66b47a157d7d9477e7e277"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 9043
x-amz-cf-id: morB5Ue0PYmeK-HdMqvqYfy6-5AUs6-JRfCteaRk5tvjJcP33Qhi6A==

GET
H2 200 41879f0082ed786940c81fda82f431dd@300x.jpg
cdn.airbit.com/artwork/ 12 KB
12 KB 552ms
552ms Image
image/jpeg 2600:9000:275d:be00:1e:7b69:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airbit.com/artwork/41879f0082ed786940c81fda82f431dd@300x.jpg
Requested by: Host: www.onfootmoney.com
URL: https://www.onfootmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:be00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 969ed10467b4c896fd041a1f0018d35c8cc8fa68e223e30e5d2c9329a138416c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
x-amz-version-id: kUqBcXLvDv1fwcLQyJPFbHGxYGLrA.u4
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Wed, 27 Dec 2023 15:15:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "32f5c78136af61ca663f609f95efc609"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 11979
x-amz-cf-id: 5Jfqy28TZlOXIDGw8qPigxLVhqVF_sgja1E-Hg_qVZcR8Uls-sLSww==

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 4E87 87 KB
15 KB 54ms
54ms Script
text/javascript 2600:9000:25e8:fa00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25e8:fa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:28:20 GMT
content-encoding: br
via: 1.1 316c3f6f9514dc45c45cd1b2385757cc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 162
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: AMS1-P3
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: OwuBo0jzoFe-adpw5qHS1jGsXx2Ltqkem7YY1ICHLC9FZKYA4z2riw==

POST
H2 200 6 Show response
m.stripe.com/ Frame 4E87 156 B
668 B 650ms
235ms XHR
application/json 44.236.167.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.167.79 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-167-79.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

51eacbc783434b864b1ae15dd0f140ad979b2a5ba157b800e1bc7412d78b86b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 07 Mar 2024 21:31:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709847062009902
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709847062009663
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 85ms
84ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

067754b1cf2b64dc52bbd3f3f4a84d8d179ca524cb56dfeb1b6ee0649ae62ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12238
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 228ms
129ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 21:31:02 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 138D 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onfootmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 20:42:35 GMT
expires: Fri, 07 Mar 2025 20:42:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6C65 829 B
1 KB 140ms
49ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

906f8466d38b64dcd737357d047d023c84849b3b8f3d0c1adc4e4b03f6c64f9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-votAlAvTYw3zWY2y76f5bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onfootmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-votAlAvTYw3zWY2y76f5bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 21:31:02 GMT
expires: Thu, 07 Mar 2024 21:31:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 138D 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Mar 2025 20:42:35 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 138D 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wUDHEA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 21:31:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6C65 0
0 70ms
70ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=4136832470353738&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 219ms
219ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=4136832470353738&bg=!k5ClkN_NAAZsmiNCTJo7ADQBe5WfOHQ3gDKS4BV32CC0BnM8FKtVB2PNBcFAPoImX-GLtoKKp0wPem_jJXZ3D-pV8BDMAgAAAChSAAAAAWgBBwoAyF-qXgBXdG1lv5d2IdzMPPvVnlqttE2tYFw1E3pc4YRyFy67rRS1EkXbrrtENlW9R4Q_1HhEOLXF4UbEKcP3mD7rGbNDI_1wxLtWtTBEU_pKahwNHapqPS7JYAImkhm-eG5qFOoNIBRKNtZ-JFwlmUMGrMmErrG5TlNzBco6bKuktNyeogCSc4EGqFGTWHDr9wfhS1XEQirCIujBgzNjoCHLc0xOrD8StCkiTRJfI1FZs73APSzeg92Ean8bYc4GYC5-piRvcgf1mQLAGnenpRd27KQFknFkEI3BxxqVkh044lapk_2yu4IQwnJbu0sOVh5tclJPvSUwgAWd3LEp4FlzcyBMsiUdJqQ3Ttu0Fhby4meVQ2e1EdGVTbZXsosHxiieXNWGwj47m6Nk-Y_tHU0GNs-dakR_vdEiDooGQGAIQrUXFjMiE1wmYkUkNXfJwl6OSMiNnFbv2BdY9Gh4RVotf2DhFD4lmAaLfGNY2Rt4oi-s__ymPgwuHASXbD01NUD27kqZ4EiYgLf57Tdu5Z4Zsac-h9bIsjAoylc91K8YQYTbZ4sS8ztvwS0IVGv4U7WOdB7Dxoxlahm-hdXZpWV2l2n2TXOnevsnaIruLH_e2zhO0itK2ybNqzOeJAEY1x7fPuq__MP_-F0kOwW6SBDfyCy8D5NpvT_S7s_QkyeXTmU6CbTN3I5JMiJKF2rd7u4d6sneuA-mQA5M_QhpVWpjARMHTc3-DtHNJkF8S4t5MW2sXlwv2g3PD2JMcMh-OdJtIdXpzME2EuCJ2Cm1QozOF4eGfT_TRLMfEOel_pa6mNxruUZSdCMcwGrTcOTJsm0TYdCPFK7bx70Wl62Ade7FyJ_aj8rA-WjkB0vJSSddvJ11w-sHr_QOYCQIbnitsBKUvoXSbogswZXNf7iSu0mFs41TME2A68f14F9_3ib-Mv_MzVzlEFs9Vne9mGu3UAkzQXHjcbqRLY_0scBh2OEYg9alt__cgH0Y9x8QQ7qJXYsubirJXGUNhJvFMZKtgLs4QeJzw7UixBu5cRu6r_6Ma5c0pOZGRHH7d8Lvq7viYvuDD7ae629u_w7Ao0j5IU7OeRw8pQ-PVVrzOaCaeZWwtqIji-VN_mv0D1K0-I9aVj2XuJfo5IsA_UQJ-M4z_FYMC8j8PmdjuOotXkw4vI6zXehQlevZWsBJVd0L-t3OZVkje1WPu0VjttY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onfootmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onfootmoney.com/	1970-01-20 19:01:46	Name: XSRF-TOKEN Value: eyJpdiI6ImFqY1RtWkhsdjJoUkZ1T3lta3ZQRVE9PSIsInZhbHVlIjoiNmJpUU02c2tvYzc0WUJNS3kwKzJFbzMrTkxZSlVDd3djYXlpazJ6SU55TGcvL0ZrZEdPd081bWpraXZyYVJRMC9XWnFaaWNoaDRvSWhwbnUxQnNaSTlkb3ZTTUlzVDRDTDhsSjN3L0dhS0RwZGRMZXd3dzlGVEFtTnVoVDRWZFYiLCJtYWMiOiI3MTlmOWU2YmZhNTA0ZGVkYmE5NWVjNWE1ZWRkYjU1NTNiOGQwODc2ZGZkN2FkZDE1NjkzOTFiOWM0M2Y4MmY0IiwidGFnIjoiIn0%3D
.onfootmoney.com/	1970-01-21 04:33:27	Name: cart_id Value: eyJpdiI6IlRBWE1CUktrWGxHNk5kUU83OGxHZmc9PSIsInZhbHVlIjoiNU9XMisxcHhQbTZtSHJRYVNEWEpZYlc3UFRTN3B3V0VuakpSb2N6cVZHV2dqWlc2VnFUR0llRGFiNkVsUzkwc1VSS3lKcTlWdHJmVlFKazAxNHdJTExRZ0c0MnlwVlBmazhFbnNwdG5nNFE9IiwibWFjIjoiOTE4NDY0Y2UzMmIxNjY4MDgyMjAwZjJkYzgzZDU2ZTdhN2Q1ZDQ4ZjQwNGI1OWVjMzIzNzM3OTI4MzdmMWZjNiIsInRhZyI6IiJ9
.onfootmoney.com/	1970-01-20 19:01:46	Name: airbit_session Value: eyJpdiI6InhGZmlKcEhsc052QzIzUEJJdm1OQVE9PSIsInZhbHVlIjoiUjBQK0ZoUUlQek1KT0x0UzRCNW5zRGVtYks1RXVKalJGTmZac1pZenRjQ2pURVdaNnRBMXhSY0pWQm90RHdXSnRFUDFnUHN5Y3c5OHNUUGJnWEZuU29vdmpuL2o2K1FYZlVZbzV5dE4wcUdhNlNiaG1BcTlLKzBZcE5FOHkyTTMiLCJtYWMiOiI1ZWNiYjY0NjhjYTZkMGYyNGUzMzUwMDk5ODg1YWE1MDNkNDY0ZWQ4ZmIxY2I1NGM5MTZhMDA5NmE3ZGMyZGEwIiwidGFnIjoiIn0%3D
.onfootmoney.com/	1970-01-20 18:58:53	Name: _gid Value: GA1.2.1066782967.1709847061
.onfootmoney.com/	1970-01-20 18:57:27	Name: _gat_UA-91807727-5 Value: 1
.onfootmoney.com/	1970-01-21 04:33:27	Name: _ga_7677LB9PML Value: GS1.1.1709847061.1.0.1709847061.0.0.0
.onfootmoney.com/	1970-01-21 04:33:27	Name: _ga Value: GA1.1.842547452.1709847061
m.stripe.com/	1970-01-21 04:33:27	Name: m Value: 1572e5d9-c7c6-4ecc-8ed8-980d89e7bde9698616
.www.onfootmoney.com/	1970-01-21 03:43:03	Name: __stripe_mid Value: e5cf5acb-42ec-438d-9085-4f229cd11c3709d837
.www.onfootmoney.com/	1970-01-20 18:57:28	Name: __stripe_sid Value: 81199b4b-600b-4be3-88a1-c74a3abf8cd1c9e4d9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.onfootmoney.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.airbit.com
app.airbit.com
cdn.airbit.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
js.stripe.com
m.stripe.com
m.stripe.network
pagead2.googlesyndication.com
region1.google-analytics.com
static.woopra.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.onfootmoney.com
www.woopra.com
146.75.116.193
151.101.193.91
151.101.64.176
162.55.95.216
2001:4860:4802:34::36
2600:9000:2057:7200:15:515:3740:93a1
2600:9000:236e:a800:1e:a36b:f680:93a1
2600:9000:25e8:fa00:19:7d10:bd80:93a1
2600:9000:275d:be00:1e:7b69:edc0:93a1
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
3.230.43.178
44.236.167.79
54.208.252.81
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
027f3a466ae915adbfdbda10d134103f424108a966cf12f6bb6e7304e230f0fd
0424cac8e707a96b40c39486a5d8fffb929510088a68f4c60218bc293b62ae8b
067754b1cf2b64dc52bbd3f3f4a84d8d179ca524cb56dfeb1b6ee0649ae62ec9
0fce4538c4756f0adda0138119bab69bde5b3a12a60bf550e816a5ea9568d1c9
1431b3548cbf354d3f873a9424219256df242f198520f0f26b5ed6d93663d2b5
17c8270099242c6fbe85227f87402258ff4403c7ae976b91aa2298f7f1256938
1a2b5374122b3223bb5202ac7c57383d871fc324fe8aa42fbcebf5a2112b7257
1fdae05695fc8be43a88dc97c9a285c87b3f7d7e01f14469dc29c80cfa5e23ee
26749066e30d4773f68a0bb9d8242d7e3a6fe020c6d8fb76af9877981b8d3159
29afa58720911c7789dce468d2903946b32d24a75b13a8a39209d6f7617ec4c9
2f972159abe74120b98b4d695de27df3d8418bd96d6629bd49ab3a7efb6eb091
319d8e4ef337452006e10b4f33c66e775975d0d31772ae1a1b5c35acbecba2a6
328dd08e32c1360c9e87c0ac3c5fe9b2fd0ead59f7d011423f08bc9608d17f3f
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
374fd394d388264a8f2ae3205ba83eb3bc78aa11b01a3609a0190dceed13d9d5
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3d2aceaca5334a00a9a439dc5ea48d63e621beead9d26f04f4e7e37ad2389578
41b779f5b794ce931f06c8755b186cb8e6eed89d12e37d7b2d4a70a7987b5f6b
43c65456d619775be9c5834766d4b3a683b79c256308245515a232f1600f5edc
51eacbc783434b864b1ae15dd0f140ad979b2a5ba157b800e1bc7412d78b86b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574de0b374ee4b3fe43932788222de0eb7426e15cfdce8d7ac53c8bb39e10994
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6386d001939f7a7fcef69cd431a54b74f117a31c1951c97d1071633f1b88eaaf
63d2ed5694f124b34a302287e59fcfa2a02915256d1d74aa6b1064ecacffcba8
6529bc3edc8e901642d8403af879ef48da7b07ff7efc0e63798705898f6e2a27
6b655fabf9febb21b7c17d92a0a693f07f412bb86643a02941d57604f0fee469
77dc3afe9d08b83592bfa106196785a4b9da8ea6de0c3c3eae91363a7071e1b8
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87b732b4969c8e1046bb71f568d45b3e6548ad6952ad0df112a304ef2c5b7b21
89c46e3012d95c10dfb5ce5960d9c0db3e8e60b70712878ec23e0c3a9228b288
906f8466d38b64dcd737357d047d023c84849b3b8f3d0c1adc4e4b03f6c64f9d
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
969ed10467b4c896fd041a1f0018d35c8cc8fa68e223e30e5d2c9329a138416c
99de63f5da432e6e1703320047f01d18d721107a37db27717a0f9060d84e9039
9c522058abbf12e3b488eca97899a5511d5a146797104c8fc0f566ab69dff92f
9d9340ec0a9307ca8c2d4cefec473a56065fa3d826fd5345dee4651ccfcdc804
a049e330ff65843859bec4aea005f90863257a1efeff40ff237027c800901ff8
a7236d0e8fbfe97b2972a79e602510d5fa7f29aa3a8d3027417df95c2f22e791
b1480bef9fe96acaec4e731f183058172f0776e30632cf9cb69687159b99fdf9
b644e4d56b42fe4f33bfa1ce16a44c1e02de6c9c863e67c94f46db3f10aa5133
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c4e97edb4a8980564138ef96147a7ae04fe9472a4eaebb77a0c00e07606b887b
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0b350b364a9af4fadce4280eac6748d743fab9cc555cfb90cd4cb096a01435b
d1a09dcdf4c362a65eee99ae090b0e3420a13d6e5865f60dcab71ce24d9418fe
d2a2044b9c208f850133e155f9ed6be70104c0dc78367ae6d84881719ded2c60
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e523e06c0417435deb86e875bbb2b6cbbb825bcb1d122912b2dbc8971394283e
e762c7e3115074ee51ab2fefd0e61c0b1b6d92219297e34428057963e624f776
e78dc064a4075486a47b498b89f70115c95c8885086a0d286143f631a3f367c5
eb344edd44a97b3ec8293c6999c2dca57ad14732a5df4da72cb8c6d2353a71b7
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

www.onfootmoney.com Open in urlscan Pro 54.208.252.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

65 %IPv6

13 Domains

19 Subdomains

19 IPs

2 Countries

8850 kBTransfer

10697 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onfootmoney.com Open in urlscan Pro
54.208.252.81 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

65 %
IPv6

13
Domains

19
Subdomains

19
IPs

2
Countries

8850 kB
Transfer

10697 kB
Size

10
Cookies

65 HTTP transactions
0 data transactions