www.fifacm.com Open in urlscan Pro
2606:4700::6812:1a44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.fifacm.com/
Effective URL:
https://www.fifacm.com/
Submission: On June 08 via api (June 8th 2024, 9:45:37 am UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 30 domains to perform 83 HTTP transactions. The main IP is 2606:4700::6812:1a44, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fifacm.com.
TLS certificate: Issued by E1 on May 18th 2024. Valid for: 3 months.

This is the only time www.fifacm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2606:4700::68... 2606:4700::6812:1a44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	18.173.187.125 18.173.187.125	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
5	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	151.101.3.42 151.101.3.42	54113 (FASTLY) (FASTLY)
2	104.20.94.138 104.20.94.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:2f8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
1	54.230.228.94 54.230.228.94	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.36.89 108.138.36.89	16509 (AMAZON-02) (AMAZON-02)
1	151.101.131.42 151.101.131.42	54113 (FASTLY) (FASTLY)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	52.84.198.126 52.84.198.126	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	18.173.154.29 18.173.154.29	16509 (AMAZON-02) (AMAZON-02)
4	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	142.250.74.202 142.250.74.202	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
2	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.111.33 34.120.111.33	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.50.171.95 52.50.171.95	16509 (AMAZON-02) (AMAZON-02)
83	38

19 2606:4700::6812:1a44 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.fifacm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.fifacm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.187.125 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-125.muc50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.3.42 (San Francisco, United States)

ASN54113 (FASTLY, US)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2f8e (United States)

ASN13335 (CLOUDFLARENET, US)

hb.vntsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.194 (San Francisco, United States)

ASN54113 (FASTLY, US)

hb-vntsm-com.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-94.muc50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-89.muc50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.131.42 (San Francisco, United States)

ASN54113 (FASTLY, US)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.198.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-198-126.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-29.muc50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com

cdn.edkt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.171.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-171-95.eu-west-1.compute.amazonaws.com

track.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	fifacm.com 1 redirects www.fifacm.com cdn.fifacm.com	1 MB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	214 KB
5	gstatic.com fonts.gstatic.com	204 KB
4	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2804	153 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 716	150 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1359	106 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 356 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 731	83 KB
4	vntsm.com hb.vntsm.com — Cisco Umbrella Rank: 37152	370 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1830 a.ad.gt — Cisco Umbrella Rank: 2050	5 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1091 id5-sync.com — Cisco Umbrella Rank: 573	28 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 194	3 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1356	104 B
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236	174 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2406	298 B
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 20981 c.statcounter.com — Cisco Umbrella Rank: 12548	13 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	7 KB
1	venatusmedia.com track.venatusmedia.com — Cisco Umbrella Rank: 34982	164 B
1	edkt.io cdn.edkt.io — Cisco Umbrella Rank: 25313	8 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1641	45 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 974	274 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 94	6 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3002	462 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2128	12 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 3987	2 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 2164	625 B
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1095	918 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 7308	35 KB
1	fastly.net hb-vntsm-com.global.ssl.fastly.net — Cisco Umbrella Rank: 54933
1	vntsm.io hb.vntsm.io — Cisco Umbrella Rank: 46876	645 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	93 KB
83	30

	Domain	Requested by
11	cdn.fifacm.com	www.fifacm.com cdn.fifacm.com
8	www.fifacm.com	1 redirects www.fifacm.com
5	fonts.gstatic.com	fonts.googleapis.com
5	pagead2.googlesyndication.com	www.fifacm.com pagead2.googlesyndication.com
4	assets.bounceexchange.com	tag.wknd.ai assets.bounceexchange.com
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net hb.vntsm.com
4	secure.cdn.fastclick.net	www.fifacm.com secure.cdn.fastclick.net
4	hb.vntsm.com	www.fifacm.com hb.vntsm.com
3	c.amazon-adsystem.com	hb.vntsm.com
3	sb.scorecardresearch.com	1 redirects www.fifacm.com
2	i.clean.gg	hb.vntsm.com
2	id5-sync.com	cdn.id5-sync.com hb.vntsm.com
2	id.hadron.ad.gt	hb.vntsm.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	securepubads.g.doubleclick.net	hb.vntsm.com securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	fonts.googleapis.com	www.fifacm.com
1	track.venatusmedia.com	hb.vntsm.com
1	cdn.edkt.io	cadmus.script.ac
1	cadmus.script.ac	hb.vntsm.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	a.ad.gt	cdn.hadronid.net
1	lh3.googleusercontent.com
1	proc.ad.cpe.dotomi.com	hb.vntsm.com
1	cdn.id5-sync.com	www.fifacm.com
1	cdn.hadronid.net	www.fifacm.com
1	tag.wknd.ai	www.fifacm.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	geo.privacymanager.io	ats.rlcdn.com
1	ad-delivery.net	hb.vntsm.com
1	ats.rlcdn.com	hb.vntsm.com
1	hb-vntsm-com.global.ssl.fastly.net	hb.vntsm.com
1	hb.vntsm.io	hb.vntsm.com
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	www.fifacm.com
1	www.googletagmanager.com	www.fifacm.com
83	36

This site contains links to these domains. Also see Links.

Domain
play.google.com
apps.apple.com
twitter.com
www.instagram.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
fifacm.com E1	`2024-05-18` - `2024-08-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.vntsm.com R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-07` - `2024-08-06`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-09` - `2024-12-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
tag.wknd.ai R3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
hadronid.net GTS CA 1P5	`2024-05-29` - `2024-08-27`	3 months	crt.sh
id5-sync.com E1	`2024-06-04` - `2024-09-02`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
assets.bounceexchange.com WR3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
id.hadron.ad.gt E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
*.googleusercontent.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
a.ad.gt E1	`2024-04-11` - `2024-07-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
script.ac E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2024-05-06` - `2024-08-04`	3 months	crt.sh
edkt.io GTS CA 1D4	`2024-06-06` - `2024-09-04`	3 months	crt.sh
*.venatusmedia.com Amazon RSA 2048 M02	`2023-12-25` - `2025-01-22`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.fifacm.com/
Frame ID: 5454BD35A36DF135826E3D0220335062
Requests: 75 HTTP requests in this frame

Frame: https://www.fifacm.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: A795798B6EA86AABE6744B7CD4C4E76F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/zrt_lookup_fy2021.html
Frame ID: AD4B0CF2425722F46CD674C1BBC438B3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1184080919266052&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1717839931&plat=3%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x675_r&format=0x0&url=https%3A%2F%2Fwww.fifacm.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~27_15~29_11&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717839931256&bpp=2&bdt=426&idt=210&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1499223639712&frm=20&pv=2&ga_vid=1369105401.1717839931&ga_sid=1717839931&ga_hid=84044238&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532761%2C95334510%2C95334525%2C95334571%2C95335263%2C95334053%2C95334158%2C31078668&oid=2&pvsid=994444522467790&tmod=992090822&uas=0&nvt=1&fsapi=1&fc=1920&brdim=750%2C750%2C750%2C750%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=225
Frame ID: 17A193425C7C7EA5655EE0B63EC04F08
Requests: 1 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: 06ED75CDD676C59F2083F27110CED8E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3640B5B5EB4A9CAF93420C7C868FCE71
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EA FC 24 Career Mode Potential and Ratings - Career Mode | FIFACM

Page URL History Show full URLs

http://www.fifacm.com/ HTTP 307
https://www.fifacm.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Page Statistics

83
Requests

96 %
HTTPS

43 %
IPv6

30
Domains

36
Subdomains

38
IPs

6
Countries

2806 kB
Transfer

8768 kB
Size

11
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.fcm
Title: App

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/fcm-career-mode-21-potential/id1550440364#?platform=iphone
Title: App

Search URL Search Domain Scan URL

URL: https://twitter.com/fifacmcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fifacmcom/?hl=en

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@FC_CareerMode

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@fifacm_com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.fifacm.com/ HTTP 307
https://www.fifacm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://sb.scorecardresearch.com/cs/7161055/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 21

https://www.fifacm.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.fifacm.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.fifacm.com/
Redirect Chain

http://www.fifacm.com/
https://www.fifacm.com/

38 KB
10 KB

241ms
143ms

Document
text/html

2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85593c11ab99cd10cae10bc8ac2d314190da5ba0f877ff7bbdf53c3387c1c82b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8907f30eea329736-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 08 Jun 2024 09:45:30 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://www.fifacm.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/7161055/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

40ms
40ms

Script
application/javascript

18.173.187.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Server: 18.173.187.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-125.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fifacm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Sat, 08 Jun 2024 04:06:59 GMT
content-encoding: gzip
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 20313
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: kJ3rFZ1T9rW163qkPAP7dQl-PlzuOoVNUZHA9ZTr_nT0KH_9dfiWvg==

Redirect headers

date: Sat, 08 Jun 2024 09:45:30 GMT
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: iIIC51nDp_NRIAu3TWHb0FiH7_Vot7kgCDlZBVq1jF4Sy9VMUZ8x7A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
93 KB 160ms
71ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PYJED2YZLP

Requested by

Host: www.fifacm.com
URL: https://www.fifacm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82958ef343e65ca8ed9b343e89dca4e8118578f3724dc5bcbc352ea3b0b2d0d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Jun 2024 09:45:30 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
51 KB 163ms
81ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.fifacm.com
URL: https://www.fifacm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

42450b778ab1d7a9223a23a0c7f2c46abc6ddaedd415d8b2c676c613316738f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52256
x-xss-protection: 0
server: cafe
etag: 15192591019496625657
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 08 Jun 2024 09:45:31 GMT

GET
H2 200 fa-duotone-900.woff2
cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/ 183 KB
183 KB 210ms
102ms Font
font/woff2 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/fa-duotone-900.woff2
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20ec55e764f09d132a679b2aa4ef98a9256b58b7a1a79f70dfec5e901160de75

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Origin: https://www.fifacm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Sep 2020 19:16:04 GMT
server: cloudflare
age: 1876270
etag: "5f67aa74-2da54"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8907f310ab33366f-FRA
content-length: 186964
expires: Sat, 17 May 2025 16:34:06 GMT

GET
H2 200 fa-solid-900.woff2
cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/ 137 KB
138 KB 171ms
63ms Font
font/woff2 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/fa-solid-900.woff2
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Origin: https://www.fifacm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Sep 2020 19:16:04 GMT
server: cloudflare
age: 7486880
etag: "5f67aa74-225a0"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8907f310ab2e366f-FRA
content-length: 140704
expires: Thu, 13 Mar 2025 18:06:09 GMT

GET
H2 200 all.min.css
cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/css/ 170 KB
39 KB 72ms
59ms Stylesheet
text/css 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/css/all.min.css
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7de3b4b49089f8cdd8267eda652f35806cb2b70f7c5cec0351f6d129263e52b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 20 Sep 2020 19:16:04 GMT
server: cloudflare
age: 7491720
etag: W/"5f67aa74-2a712"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8907f3100bd29736-FRA
expires: Thu, 13 Mar 2025 16:43:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 135ms
48ms Font
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: www.fifacm.com
URL: https://www.fifacm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Origin: https://www.fifacm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jun 2024 09:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jun 2024 08:25:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jun 2024 09:45:30 GMT

GET
H2 200 mdb.min.css
cdn.fifacm.com/static/site/css/ 310 KB
58 KB 112ms
98ms Stylesheet
text/css 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fifacm.com/static/site/css/mdb.min.css?v=181220154231
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc4197a5237e119910c737169b941a97cbeadc4c0e84ff85ae2ca85929860bac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Dec 2020 15:42:31 GMT
server: cloudflare
age: 7491720
etag: W/"5fdccde7-4d661"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8907f3100bd09736-FRA
expires: Thu, 13 Mar 2025 16:43:26 GMT

GET
H2 200 site.min.css
cdn.fifacm.com/static/dist/css/ 184 KB
32 KB 73ms
60ms Stylesheet
text/css 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fifacm.com/static/dist/css/site.min.css?v=250622190319
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1769ecd8421a1aedbacaa73602e8a5ed87f45de0430bfd80c487cb7441e4bf61

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 25 Jun 2022 18:03:19 GMT
server: cloudflare
age: 7491720
etag: W/"62b74de7-2e1f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8907f3100bd69736-FRA
expires: Thu, 13 Mar 2025 16:45:28 GMT

GET
H2 200 ad-manager.min.js Show response
hb.vntsm.com/v3/live/ 143 KB
41 KB 152ms
39ms Script
application/javascript 151.101.3.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v3/live/ad-manager.min.js

Requested by

Host: www.fifacm.com
URL: https://www.fifacm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

270501ddb81cc28677584264e4305f88426bcf5173863d8fbb22cc59c255ed20

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version: 1.1
strict-transport-security: max-age=300
age: 3358
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ip: 80.255.7.105
geo-sub: BY
x-amz-id-2: KhlPFIiJIO7hlzhTeOLa9/Bs/Fvj3cPBllb3Y1aV2WL7xamKGkq4mFLTeZx2zc7uvEV2kAWACcGU4Z0udLrqOA==
x-served-by: cache-dub4325-DUB, cache-fra-etou8220101-FRA
content-length: 40911
last-modified: Tue, 28 May 2024 12:24:10 GMT
x-timer: S1717839931.135467,VS0,VE0
etag: "44b77a4c46c156353657af37fc807434"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
accept-ranges: bytes
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo: DE
x-cache-hits: 28, 21

GET
H2 200 fcm-logo-short.png
www.fifacm.com/static/img/ 13 KB
13 KB 58ms
58ms Image
image/png 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fifacm.com/static/img/fcm-logo-short.png
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820868a72698a1f360003a8ae37a0155431839d57f68b1d064611aea0ea74c15

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:30 GMT
cf-cache-status: HIT
age: 7486879
cf-polished: origSize=13917
content-length: 13042
cf-bgj: imgq:100,h2pri
last-modified: Sun, 20 Sep 2020 19:16:04 GMT
server: cloudflare
etag: "5f67aa74-365d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8907f30ffbb99736-FRA
expires: Thu, 13 Mar 2025 18:06:09 GMT

GET
H2 200 fifacm-logo-700-w.webp
www.fifacm.com/static/img/ 12 KB
12 KB 71ms
70ms Image
image/webp 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fifacm.com/static/img/fifacm-logo-700-w.webp?v=2
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f896dae27179e8a749c5fbe696085236d5237e8adf87cf205914fa4711c6123

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:30 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Mar 2024 08:08:29 GMT
server: cloudflare
age: 536
etag: "65eebbfd-2e42"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 8907f30ffbbb9736-FRA
content-length: 11842

GET
H2 200 site-p.min.js Show response
cdn.fifacm.com/static/site/js/ 767 KB
203 KB 79ms
79ms Script
application/javascript 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fifacm.com/static/site/js/site-p.min.js?v=240923121503
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6ff9dbdd68bab5e0490dfacbc533d5959d85788525cacb7054b3dc226b2d356

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 24 Sep 2023 11:15:03 GMT
server: cloudflare
age: 6243534
etag: W/"65101a37-bfd6d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8907f3105c5d9736-FRA
expires: Fri, 28 Mar 2025 03:28:32 GMT

GET
H2 200 mdb.min.js Show response
cdn.fifacm.com/static/site/js/ 1 MB
261 KB 68ms
67ms Script
application/javascript 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fifacm.com/static/site/js/mdb.min.js?v=2250920004713
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd366675108a3fbad3f0b6a030675da79a09f8f49bebb5b36017302075dde3c0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Sep 2020 23:47:13 GMT
server: cloudflare
age: 7486880
etag: W/"5f6d3001-1017e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8907f310aceb9736-FRA
expires: Thu, 13 Mar 2025 18:04:07 GMT

GET
H2 200 home.min.js Show response
cdn.fifacm.com/static/site/js/pages/ 1 KB
911 B 63ms
62ms Script
application/javascript 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fifacm.com/static/site/js/pages/home.min.js?v=170121120100
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47445201ce2aaaa33279bdac8547cf68e163f0b6cbc779d4f2fda48410869495

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 17 Jan 2021 12:01:00 GMT
server: cloudflare
age: 7491721
etag: W/"600426fc-599"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8907f310ed4a9736-FRA
expires: Thu, 13 Mar 2025 16:43:26 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 35 KB
13 KB 146ms
52ms Script
application/javascript 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jun 2024 15:19:11 GMT
server: cloudflare
age: 27032
etag: W/"666324ef-8c17"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8907f3117f384d8a-FRA
expires: Sat, 08 Jun 2024 14:14:59 GMT

GET
H2 200 fcm-logo-short.png
www.fifacm.com/static/img/ 13 KB
0 0ms
0ms Image
image/png 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fifacm.com/static/img/fcm-logo-short.png
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820868a72698a1f360003a8ae37a0155431839d57f68b1d064611aea0ea74c15

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:30 GMT
cf-cache-status: HIT
age: 7486879
cf-polished: origSize=13917
content-length: 13042
cf-bgj: imgq:100,h2pri
last-modified: Sun, 20 Sep 2020 19:16:04 GMT
server: cloudflare
etag: "5f67aa74-365d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8907f30ffbb99736-FRA
expires: Thu, 13 Mar 2025 18:06:09 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 48ms
47ms Image
text/plain 18.173.187.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=7161055&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1717839931057&ns_c=UTF-8&c7=https%3A%2F%2Fwww.fifacm.com%2F&c8=EA%20FC%2024%20Career%20Mode%20Potential%20and%20Ratings%20-%20Career%20Mode%20%7C%20FIFACM&c9=
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-125.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MUC50-P4
x-amz-cf-id: vtB-XtHyjrEfBqjn-S08NwZRgbk5qPeKvrW7QbT_nXi-AhBlwbG9OA==
x-cache: Miss from cloudfront

GET
H2 200 fifa21_bg.webp
cdn.fifacm.com/static/img/ 35 KB
35 KB 76ms
75ms Image
image/webp 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fifacm.com/static/img/fifa21_bg.webp
Requested by: Host: cdn.fifacm.com
URL: https://cdn.fifacm.com/static/dist/css/site.min.css?v=250622190319
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ba0c9c5ff3857ca6e5751ec4d85530dda482586380f6a3a6527233b07b5b017

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fifacm.com/static/dist/css/site.min.css?v=250622190319
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 09:50:59 GMT
server: cloudflare
age: 811
etag: "5fcca983-8bd2"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 8907f3118e569736-FRA
content-length: 35794

GET
H2 200 flags.png
cdn.fifacm.com/static/img/ 27 KB
27 KB 58ms
58ms Image
image/png 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fifacm.com/static/img/flags.png
Requested by: Host: cdn.fifacm.com
URL: https://cdn.fifacm.com/static/site/css/mdb.min.css?v=181220154231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006af77d5c7dd0c094d2106813437d970d3396e5d98d52b6bedec949d12e2f06

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fifacm.com/static/site/css/mdb.min.css?v=181220154231
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
cf-cache-status: HIT
age: 7482208
cf-polished: origSize=28123
content-length: 27955
cf-bgj: imgq:100,h2pri
last-modified: Sun, 20 Sep 2020 19:16:04 GMT
server: cloudflare
etag: "5f67aa74-6ddb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8907f3118e5c9736-FRA
expires: Thu, 13 Mar 2025 19:24:01 GMT

GET
H2 200 fa-brands-400.woff2
cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/ 76 KB
76 KB 57ms
56ms Font
font/woff2 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/webfonts/fa-brands-400.woff2
Requested by: Host: cdn.fifacm.com
URL: https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.fifacm.com/static/site/fontawesome-pro-5.14.0-web/css/all.min.css
Origin: https://www.fifacm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Sep 2020 19:16:04 GMT
server: cloudflare
age: 7486880
etag: "5f67aa74-12e40"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8907f311cd4a366f-FRA
content-length: 77376
expires: Thu, 13 Mar 2025 18:04:07 GMT

GET
H2

200

main.js Show response
www.fifacm.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame A795
Redirect Chain

https://www.fifacm.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.fifacm.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

8 KB
4 KB

49ms
49ms

Script
application/javascript

2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fifacm.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Requested by

Host: www.fifacm.com
URL: https://www.fifacm.com/

Protocol

Server

2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bfc05c517f9141b1be8486405379350c37adab3a6b6c4421296a51468d713cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8907f3127fc69736-FRA

Redirect headers

date: Sat, 08 Jun 2024 09:45:31 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
cache-control: max-age=300, public
cf-ray: 8907f311feff9736-FRA
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 132ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PYJED2YZLP&gtm=45je4650v879232614za200&_p=1717839930851&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1369105401.1717839931&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717839931&sct=1&seg=0&dl=https%3A%2F%2Fwww.fifacm.com%2F&dt=EA%20FC%2024%20Career%20Mode%20Potential%20and%20Ratings%20-%20Career%20Mode%20%7C%20FIFACM&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=601
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PYJED2YZLP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 09:45:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fifacm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5fae867aa82c70232bb5be5b.enc Show response
hb.vntsm.com/v2/live/ 70 KB
9 KB 119ms
40ms XHR
text/plain 151.101.3.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v2/live/5fae867aa82c70232bb5be5b.enc

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45298344b4728d47835c5930b62308dc1edce7cc14e369991982c0441814efe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version: 1.1
strict-transport-security: max-age=300
age: 2386
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ip: 80.255.7.105
geo-sub: BY
x-amz-id-2: UCOLIUYB64easH0ubJnS7pKgaYqRmQIEbGt3YlER215v0bcjz/G1IdYkyAERHpz+msNY5Wa9L6o=
x-served-by: cache-dub4359-DUB, cache-fra-etou8220106-FRA
content-length: 9010
last-modified: Wed, 05 Jun 2024 10:50:39 GMT
x-timer: S1717839931.314427,VS0,VE1
etag: "0b22d8557ecd4b10bad1cc9b88ffa807"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo: DE
x-cache-hits: 6, 1

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
572 B 252ms
243ms XHR
application/json 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12435742&u1=54CCDA04B4754F0A26FA120D98BFD5B8&java=1&security=16a1dcac&sc_snum=1&sess=99b877&p=0&pv=10&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.fifacm.com/&t=EA%20FC%2024%20Career%20Mode%20Potential%20and%20Ratings%20-%20Career%20Mode%20%7C%20FIFACM&invisible=1&sc_rum_e_s=616&sc_rum_e_e=662&sc_rum_f_s=0&sc_rum_f_e=562&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.fifacm.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 8907f31278844d8a-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/ 425 KB
144 KB 93ms
93ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1184080919266052&plah=www.fifacm.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

6484ca65f696167e63c3779d1a40536ae31d7c1ec5dd61a3ba60d3392f1a75b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147244
x-xss-protection: 0
server: cafe
etag: 13537927521624505110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jun 2024 09:45:31 GMT

POST
H2 200 8907f30eea329736 Show response
www.fifacm.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A795 0
358 B 95ms
95ms XHR
text/plain 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifacm.com/cdn-cgi/challenge-platform/h/g/jsd/r/8907f30eea329736
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
server: cloudflare
cf-ray: 8907f31318ab9736-FRA
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 content.html Show response
hb.vntsm.io/ 32 B
645 B 166ms
56ms Fetch
text/html 2606:4700:10::6816:2f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
cf-cache-status: HIT
x-amz-request-id: 5GNZZEFM2B78C5E3
age: 4041
content-length: 32
x-amz-id-2: /8qy2iBFMLsGu93kSeGsJe146sNHa+oLTalGAOs4TTcAg/V9EGFS6FXRGktB7AXt4fYHbzkJLzw=
geo: DE
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8907f313da6135f7-FRA

GET
H/1.1 200
OK g.txt
hb-vntsm-com.global.ssl.fastly.net/v4/srv/ 0
0 131ms
42ms Fetch
text/plain 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-vntsm-com.global.ssl.fastly.net/v4/srv/g.txt

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.194 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 09:45:31 GMT
Via: 1.1 varnish, 1.1 varnish
Venatus-CDN-HB-Rule-Version: 1.1
Strict-Transport-Security: max-age=300
Age: 6948
x-amz-server-side-encryption: AES256
X-Cache: HIT, HIT
Connection: keep-alive
X-IP: 80.255.7.105
Content-Length: 0
x-amz-id-2: 2lsuUw0pGsgPTMCu9TarsQzl3kBW4Y+8XvXaauN1FmTStEu9GR0lAcENtpdFTBtfvpvA7UnRLUPpPw44U4wWRA==
X-Served-By: cache-dub4362-DUB, cache-fra-etou8220142-FRA
Geo-Sub: BY
Last-Modified: Tue, 02 Apr 2024 15:20:36 GMT
X-Timer: S1717839931.470782,VS0,VE0
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
X-Geo: DE
X-Cache-Hits: 35, 77

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/ Frame AD4B 0
0 122ms
39ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1184080919266052&plah=www.fifacm.com&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fifacm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 2297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jun 2024 09:07:14 GMT
etag: 3711839061170457607
expires: Sat, 22 Jun 2024 09:07:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 17A1 0
0 189ms
118ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1184080919266052&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1717839931&plat=3%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x675_r&format=0x0&url=https%3A%2F%2Fwww.fifacm.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~27_15~29_11&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717839931256&bpp=2&bdt=426&idt=210&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1499223639712&frm=20&pv=2&ga_vid=1369105401.1717839931&ga_sid=1717839931&ga_hid=84044238&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532761%2C95334510%2C95334525%2C95334571%2C95335263%2C95334053%2C95334158%2C31078668&oid=2&pvsid=994444522467790&tmod=992090822&uas=0&nvt=1&fsapi=1&fc=1920&brdim=750%2C750%2C750%2C750%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=225

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fifacm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jun 2024 09:45:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad-manager-bundle.min.js Show response
hb.vntsm.com/v3/live/ 1 MB
320 KB 46ms
45ms Script
application/javascript 151.101.3.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a90e93a72f2c01ae90c9523cdb0d4a9431bf622b25947356475dd58e331de71

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version: 1.1
strict-transport-security: max-age=300
age: 6945
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ip: 80.255.7.105
geo-sub: BY
x-amz-id-2: ZSHnc3AZmocdjYAZ7bCDBXmHooA/4ldBYJp91UqxF33dfCwEORlj2GNK9jXt0DETpPMo8le9CPqqX5oSLyMytA==
x-served-by: cache-dub4339-DUB, cache-fra-etou8220101-FRA
content-length: 327421
last-modified: Tue, 28 May 2024 12:24:10 GMT
x-timer: S1717839932.535219,VS0,VE2
etag: "e70e64b58c142c69447a330342ba1567"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
accept-ranges: bytes
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo: DE
x-cache-hits: 31, 1

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
35 KB 133ms
45ms Script
text/javascript 54.230.228.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-94.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: F5G4x7igSyEInzmeTLVI9fM7V7EmySpG
content-encoding: br
via: 1.1 89855bc668c2d62d2715c482773d5732.cloudfront.net (CloudFront)
date: Fri, 07 Jun 2024 12:03:28 GMT
last-modified: Wed, 13 Mar 2024 08:09:48 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
age: 78151
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: eRE6bcnoRF6XZZaPLlg20dQHPkQYhfd-DDsIOGpqvO5f__-CFU5NsQ==

GET
H2 200 px.gif Show response
ad-delivery.net/ 43 B
918 B 138ms
54ms Fetch
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1073070
x-guploader-uploadid: ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEeqsD9bjKEVkKUtYjTe2zPtwgQQzd9gwgT9LkIf7XfChsK9OCY1Ursvx8T1yF8YJGxPJCzWtwAeJROMbd7RNUp9XWJmCf0vQB1pPjCX9CRdPWgkQP79LRqe65Lo6rM9qBT95ICZVjoQH7x5xw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8907f315deb0a06d-FRA
expires: Mon, 27 May 2024 00:03:40 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
625 B 137ms
38ms Fetch
application/json 108.138.36.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-89.muc50.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 02:32:42 GMT
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront), 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, MUC50-P2
age: 25969
x-amzn-requestid: f6ce771a-a166-429f-9aec-421fd50965f7
x-amzn-trace-id: Root=1-6663c2ca-55dc3f1a3b4c1b7c77754b47;Parent=1765c81568f3083c;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: ZBtfpHYyDoEEYFA=
content-length: 28
x-amz-cf-id: 0PTLIDpL0FJpW4tsMAlOrWmuQ6LMpZs3qIBSl6tmco6mmxLAPUMArQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 165ms
85ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240605&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ed8ab5526d4ac08a251cf6258d68e0908bd57ee66e5fb1955b683ec9855241ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12597
x-xss-protection: 0

GET
H2 200 cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame 06ED 0
0 116ms
39ms Document
text/html 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fifacm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
age: 3352
content-encoding: gzip
content-length: 420
content-type: text/html
date: Sat, 08 Jun 2024 09:45:31 GMT
etag: "d80b9831e6e7896aa97e84d70f49e545"
geo-sub: BY
last-modified: Sun, 10 Sep 2023 14:04:21 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
venatus-cdn-hb-rule-version: 1.1
via: 1.1 varnish, 1.1 varnish
x-amz-id-2: RBmb0oLDdtVrc4QlhiqHvj3zHOqBvsy5YPZko/PI9j6adRFsTEXFnGRQ3vBgEgR67L0M/CqWWZc=
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-cache-hits: 31, 13
x-geo: DE
x-ip: 80.255.7.105
x-served-by: cache-dub4354-DUB, cache-fra-etou8220036-FRA
x-timer: S1717839932.924818,VS0,VE0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 174ms
80ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

070629fa4c8e46471726cb0c25b17cf4eaad34bfa0494686d318961c7eba7510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30869
x-xss-protection: 0
server: cafe
etag: 430 / 19882 / m202406040101 / config-hash: 14353985682650205947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jun 2024 09:45:32 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 305 KB
76 KB 145ms
44ms Script
application/javascript 52.84.198.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.198.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-198-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:15:52 GMT
content-encoding: gzip
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 48bff6f682dda533442f6a9ed653d630.cloudfront.net (CloudFront)
last-modified: Tue, 28 May 2024 21:30:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P5
age: 1781
x-amz-server-side-encryption: AES256
etag: W/"7e37c61c24c4f874b286570f1eebc0ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 3MSvNAv9-WeiMyHC1qSp3iSXdN5SPW0udU-evxDNhacXnDTNCZRWJA==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 195ms
93ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Jun 2024 09:45:32 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/ 463 KB
144 KB 45ms
45ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b1ff229d7cf6c2eb168c41b99ce4081f4ed5d4cbbfbd94a3450066f89c9d54b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:29:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4588
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147735
x-xss-protection: 0
server: cafe
etag: 15837355652058665441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Jun 2025 08:29:04 GMT

GET
H2 200 70247b00-ff8f-4016-b3ab-8344daf96e09 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
838 B 131ms
41ms Script
application/javascript 18.173.154.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-29.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1777ef5f2613e35015a34031cba4dcb7d5275bbc9cf1109a52b37a6b88cfa12f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:41:12 GMT
via: 1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P3
age: 260
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: vMUUPN0xpSJS-o3xFi8zfULQZx_DG8QPaTRihLIZzMYu2A8xYHGoCw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 40ms
39ms XHR
application/json 52.84.198.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.fifacm.com&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.198.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-198-126.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 329407c996da48fa755a572cda47d32f8d5623676d5b82093ae6761337aee02b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:00:40 GMT
via: 1.1 48bff6f682dda533442f6a9ed653d630.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P5
age: 2692
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fifacm.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2796
x-amz-cf-id: bS7LuqeQJnQzAZkANxGgWVzAAvQjHXoRjlreMZe9lPsGSb-s3YHN8Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 117ms
39ms XHR
application/javascript 52.84.198.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.198.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-198-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 7b7e33ce27dedf9c28b39ecc0309b556.cloudfront.net (CloudFront)
date: Sat, 08 Jun 2024 02:44:47 GMT
x-amz-cf-pop: MUC50-P5
age: 25246
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: FuI15omrDwfTs4QsEBOkc3UKC_gvN2uUeK7ljU_ebcqVqAAGx6E1Vw==

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3640 0
0 124ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fifacm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 14286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jun 2024 05:47:26 GMT
expires: Sun, 08 Jun 2025 05:47:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 134ms
40ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sat, 08 Jun 2024 10:00:32 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/7083/ 4 KB
2 KB 134ms
40ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/7083/i.js
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 529a5d5be411c17271bbfcbb01e7b9affa41f00b3ee65d1f03c7574caf1e9e46

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:44:30 GMT
content-encoding: gzip
x-envoy-decorator-operation: tag-router.tag-router.svc.cluster.local:80/*
via: 1.1 google
age: 62
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1921
server: istio-envoy
etag: d166bd3b01d9f
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 153ms
59ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.fifacm.com%2F&ref=&_it=amazon&partner_id=288
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNMNHQXA94JVW78
age: 878
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 8907f319183c71be-FRA
x-amz-id-2: FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 93 KB
27 KB 152ms
57ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.fifacm.com
URL: https://www.fifacm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d830a998066b3e15644d716280d1e6bdcef4dcb2c463da234743b7acb8416ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 12:31:06 GMT
server: cloudflare
x-amz-request-id: Y1WNHRZJC8ZPNPNK
age: 911
etag: W/"975872beea6fa436507d8a74321584b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8907f3191f489142-FRA
x-amz-id-2: xGCyjisIGNuxa24ZBbubhAFnoNtEUl4RYLrxS1L4jjDpUUxl1x2o9idNnewui62TvtYoxzdHhzI=

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 172ms
78ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.fifacm.com
URL: https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Sat, 08 Jun 2024 10:00:32 GMT

GET
H2 200 21726375739 Show response
fundingchoicesmessages.google.com/i/ 192 KB
64 KB 181ms
69ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21726375739?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b8c94eecd0e4e53dcfccad24cde8caf5f0ce5d29d1544d9c183121f146f91f4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ldqmSYTE7kXotB9NzgxBuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ldqmSYTE7kXotB9NzgxBuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmII0pBiOO90h-k6EBtoPGeyAGKJry-Z1IDYKX0GawAQ-9TPYI0C4tab51gnA3HSv_OsBUDc_vkC61QgXhJxkfVA4kVWIR6OPRcmbGYTOLDkwXlGJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDMwNTPQPT-AIDAOPJNvI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime_6459738026535cda4232dc813c61447d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 155ms
42ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/7083/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 03:41:43 GMT
content-encoding: br
age: 1145029
x-guploader-uploadid: ABPtcPqt--ineYOP0INs4_CkAXxGfNZ8Odyj04WkcyK0_RGMEDJZwcK21uAiqxzYKSmqSvD1oAZstnjRKA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
last-modified: Thu, 23 May 2024 19:16:48 GMT
server: UploadServer
etag: "09512239cb2a22728ca9f8608dfc2181"
x-goog-generation: 1713883050962681
x-goog-hash: crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1316
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 95 B
260 B 145ms
145ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.fifacm.com&url=https://www.fifacm.com/
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ad41099efbcafc4cdebc10081a16c7b134447e58a971556bfc8f456addc8d7b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 8907f31b3b874d6d-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 275ms
159ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.fifacm.com&url=https://www.fifacm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.fifacm.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8907f31a39f54d6d-FRA
content-length: 0
content-type: application/json
date: Sat, 08 Jun 2024 09:45:32 GMT
debug: OPTIONS block
expires: Sun, 08 Jun 2025 09:45:32 GMT
server: cloudflare

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 40ms
39ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Sat, 08 Jun 2024 10:00:32 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
462 B 165ms
41ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.fifacm.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Sat, 08 Jun 2024 10:15:32 GMT

GET
H2 200 main-v2_ab418a901277e9b2f51bda6e9239b784.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 494 KB
108 KB 43ms
42ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_ab418a901277e9b2f51bda6e9239b784.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/7083/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2d0a44d43eca801842f159ec84dfbf30522713b7a51dea0d6cafa3084cc77d9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:53:44 GMT
content-encoding: br
age: 139908
x-guploader-uploadid: ABPtcPpXUl41I167ITDz_yBPNIs01crX-JrRnQ7dK2PoYOUqykw77sgFLsfxe3gS8lnXzdb4RsedbDg0hA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110463
last-modified: Thu, 06 Jun 2024 18:53:34 GMT
server: UploadServer
etag: "4231ac34765394841202292cac4f1921"
x-goog-generation: 1717700014203942
x-goog-hash: crc32c=fzAt4Q==, md5=QjGsNHZTlIQSAiksrE8ZIQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 110463
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 AGSKWxUop1OCCwygkjo8kWmJnukNfaiKWMXdmV7pMxG2zpT9wyl5yZOvqXKheNGFW5v3eO1pBZ62vviWrfddPoJTwthSE5HR_HDlW-9JfjKkrkPXuFAbOqENtm6wo8y67rvC2Ah20R7czQ== Show response
fundingchoicesmessages.google.com/f/ 626 KB
86 KB 180ms
179ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUop1OCCwygkjo8kWmJnukNfaiKWMXdmV7pMxG2zpT9wyl5yZOvqXKheNGFW5v3eO1pBZ62vviWrfddPoJTwthSE5HR_HDlW-9JfjKkrkPXuFAbOqENtm6wo8y67rvC2Ah20R7czQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE3ODM5OTMyLDU1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZmlmYWNtLmNvbS8iLG51bGwsW1s4LCJrYnZERWFRTUVqZyJdLFs5LCJkZSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjk4NDJdLG51bGwsOF0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.kbvDEaQMEjg.es5.O/am=AAM/d=1/rs=AJlcJMzUlNz2DY9EraZd75vr3cAzSgFrbw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e27e115f14e5153e17515f6fbe1c737b3d17b4a64937576e365567fcaaae5e34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aYAkyUoTARsLij-pGpvZEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-aYAkyUoTARsLij-pGpvZEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw1JBiOHHrNtMFID7vdIfpOhAbaDxnsgBiia8vmdSA2Cl9BmsAEPvUz2CNAuLWm-dYJwNx0r_zrAVA3P75AutUIF4ScZH1QOJFViEejj0XJmxmE9hx8-YlJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTAzMDUz0D0_gCAwCQ5Dwh"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 42ms
41ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Sat, 08 Jun 2024 10:00:32 GMT

GET
H3 200 onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 40ms
40ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_ab418a901277e9b2f51bda6e9239b784.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 19:07:08 GMT
content-encoding: br
age: 1435104
x-guploader-uploadid: ABPtcPp8uENBKODCzCPMPkq8FpZTrMkcmUKxn8dLa9rILRsW32lbRDZgu8rSiFjY_0xPKe7qTQk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5003
last-modified: Wed, 22 May 2024 14:28:46 GMT
server: UploadServer
etag: "7ff99b6f1cea743cef749de91009e764"
x-goog-generation: 1716388126551860
x-goog-hash: crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 5003
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 ads-v2_7520a52945aef5105bec4608bab1718f.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 172 KB
38 KB 41ms
41ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_7520a52945aef5105bec4608bab1718f.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_ab418a901277e9b2f51bda6e9239b784.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9401f4d75d39bc153d1273639e533678fe2e3527ad38914b2b9033ac490e6b31

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:53:33 GMT
content-encoding: br
age: 139919
x-guploader-uploadid: ABPtcPqo0VfddCQvJrJoi31OY5L7dBMkTpT9UksB1XiHat6RXwgOeH-hwP_wmHdsxyIgdX54GJ0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39051
last-modified: Thu, 06 Jun 2024 18:53:22 GMT
server: UploadServer
etag: "026ebd7f5429a1a64561ca52cfbfed88"
x-goog-generation: 1717700002314816
x-goog-hash: crc32c=j+7NoQ==, md5=Am69f1QpoaZFYcpSz7/tiA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 39051
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 css
fonts.googleapis.com/ 109 KB
6 KB 137ms
55ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.kbvDEaQMEjg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwW8luPEY0PG3GT4IAsFgauSkRkJA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jun 2024 09:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jun 2024 09:45:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jun 2024 09:45:32 GMT

GET
H2 200 ZR--2R-iP2YMKRbhJzawIsdN7L8-J0oRt_aF5tdzP6l9WeVrmBk4kKWpgm5-MreQbvaBZ9iRYluKjHtKNp7jgnXPFvJVJsFo_B_1AUPkFj76usXFvx3E=h60
lh3.googleusercontent.com/ 6 KB
6 KB 127ms
39ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ZR--2R-iP2YMKRbhJzawIsdN7L8-J0oRt_aF5tdzP6l9WeVrmBk4kKWpgm5-MreQbvaBZ9iRYluKjHtKNp7jgnXPFvJVJsFo_B_1AUPkFj76usXFvx3E=h60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1f4a429310ff371af8b0a9045a949a6605f28e951bd42c41a8ca2e699815c160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:33:40 GMT
x-content-type-options: nosniff
age: 712
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6022
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 09 Jun 2024 09:33:40 GMT

GET
H2 200 288 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 155ms
52ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.fifacm.com%2F&ref=&_it=amazon&partner_id=288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36f6de8213e3c46c26658359a8fd71c69eacd37da791a92dbfea09a39a766062

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 08 Jun 2024 09:39:20 GMT
server: cloudflare
age: 92
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8907f31ce944911f-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 233ms
147ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Origin: https://www.fifacm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 19:47:36 GMT
x-content-type-options: nosniff
age: 50276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 19:47:36 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Origin: https://www.fifacm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 08:00:53 GMT
x-content-type-options: nosniff
age: 92679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 08:00:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 233ms
233ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Origin: https://www.fifacm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 19:47:36 GMT
x-content-type-options: nosniff
age: 50276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 19:47:36 GMT

POST
H3 204 AGSKWxXOT5s6Q6k6uPsMCWvWN0MWQU-FYK5HYcG1h-riUNqI47xqyasGc4nj-z5RKTu9ZPip_EaR8yOkoknUvjjEhPW1dJwmIgIEPv44lj20A8IoMt48O684DtY2Z54vbhjtwwzWct9BOg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 139ms
50ms XHR
text/html 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXOT5s6Q6k6uPsMCWvWN0MWQU-FYK5HYcG1h-riUNqI47xqyasGc4nj-z5RKTu9ZPip_EaR8yOkoknUvjjEhPW1dJwmIgIEPv44lj20A8IoMt48O684DtY2Z54vbhjtwwzWct9BOg==

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6hBiKqn7CIxcT3sl91Sy4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6hBiKqn7CIxcT3sl91Sy4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw15BicEqfwRoCxEI8HHsuTNjMJvBg0cfjzEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDMwFTPwCy-wAAA1e8i9w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.fifacm.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXOT5s6Q6k6uPsMCWvWN0MWQU-FYK5HYcG1h-riUNqI47xqyasGc4nj-z5RKTu9ZPip_EaR8yOkoknUvjjEhPW1dJwmIgIEPv44lj20A8IoMt48O684DtY2Z54vbhjtwwzWct9BOg==

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7ESsLnmMR7VHtfflfg5UGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 08 Jun 2024 09:45:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7ESsLnmMR7VHtfflfg5UGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0gDi9BmsIUAsxMOx58KEzWwCHXe_HmdWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiYGZgamegZm8QUGAMx5Itk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.fifacm.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 123ms
123ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.fifacm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:17:52 GMT
x-content-type-options: nosniff
age: 109660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 03:17:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 118ms
118ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.fifacm.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 18:30:08 GMT
x-content-type-options: nosniff
age: 400524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Jun 2025 18:30:08 GMT

GET
H2 200 favicon-32x32.png
www.fifacm.com/static/img/favicon/ 1 KB
1 KB 58ms
58ms Other
image/png 2606:4700::6812:1a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifacm.com/static/img/favicon/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2699a4e9cdd052adb92f8b3003bce83eb92447eb1fda3d55199380a632263dc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:33 GMT
cf-cache-status: HIT
age: 6666774
cf-polished: origSize=1659
content-length: 1227
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Sep 2020 01:00:16 GMT
server: cloudflare
etag: "5f7135a0-67b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8907f31e1b3a9736-FRA
expires: Sun, 23 Mar 2025 05:52:34 GMT

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
451 B 128ms
40ms Fetch
text/plain 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://www.fifacm.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
274 B 130ms
40ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

75e32c0a3f24d951b777a8147bc8ba05290f30ee43eb81794d3b8a22c043e773

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.fifacm.com
date: Sat, 08 Jun 2024 09:45:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
513 B 40ms
40ms XHR
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

92661049802aec27fe550644f330c721790a2fd5fa8e18c89400d73d44b71ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.fifacm.com
date: Sat, 08 Jun 2024 09:45:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

GET
H2 200 script.js Show response
cadmus.script.ac/d1oykxszdrgjgl/ 128 KB
45 KB 153ms
58ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 044db91bd89a07632f081b1629722c1b4a7f94875097e5b197283054ab6de0bb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:45:36 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 17:50:56 GMT
server: cloudflare
age: 0
etag: W/"733794a493438803b2e4e24c624f06612a98dde6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8907f330ecc83688-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PYJED2YZLP&gtm=45je4650v879232614za200&_p=1717839930851&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1369105401.1717839931&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717839931&sct=1&seg=0&dl=https%3A%2F%2Fwww.fifacm.com%2F&dt=EA%20FC%2024%20Career%20Mode%20Potential%20and%20Ratings%20-%20Career%20Mode%20%7C%20FIFACM&en=scroll&epn.percent_scrolled=90&_et=12&tfd=5615
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PYJED2YZLP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 09:45:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fifacm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 129ms
129ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Jun 2024 09:45:36 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 215ms
128ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.fifacm.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 08 Jun 2024 09:45:36 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 edgekit.min.js Show response
cdn.edkt.io/rNn9xk/ 23 KB
8 KB 128ms
41ms Script
text/javascript 34.120.111.33
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 33.111.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 77ea16cd40f591471d64f4954eafd3d3f6674b93f839e0f2390f8150766af154

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 19:21:50 GMT
content-encoding: gzip
age: 51826
x-guploader-uploadid: ABPtcPrk0bbIdO3J9K8XHQ5HVoX3owtaeEE-uzJ_nYyxQjFx0LAE_3GI2glfgMdiUNZ7OBMF_sU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7643
last-modified: Thu, 06 Jun 2024 06:38:39 GMT
server: UploadServer
etag: "88ffe2c4952c7a0527bf45b8bb456e80"
x-goog-generation: 1717655919472738
x-goog-hash: crc32c=2rqeUA==, md5=iP/ixJUsegUnv0W4u0VugA==
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 7643
accept-ranges: bytes
expires: Sat, 08 Jun 2024 19:21:50 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ 16 B
164 B 178ms
56ms XHR
application/json 52.50.171.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.171.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-171-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fifacm.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.fifacm.com
date: Sat, 08 Jun 2024 09:45:36 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240605&jk=994444522467790&bg=!KSqlKmXNAAb64txl2uI7ADQBe5WfOG3cj-zECBe8UAnWlmysWGvUKUpMacGGJ0A0WBIcsWKQ7C7Q-6TQbxfLYeXOAw-FAgAAADNSAAAAAmgBB34ANaWyvw7EYeSnDzxwHiPScZ8Q7QGtiukgnMgDOWlkGg6rnNCJI1CZ3UPzAl4o6fjBUld0OjxKmQKZ5fADq0a01L_50pN-d1PHxNZmVOcy6Gz2U0LjuHrmjM8-0rJZlqGQ1YMmgI90CtPZT5tkYh2-5fsHpPPKOZ3MgIJomZHAu58ndub0sLqiNRIugoklt10zprLxQh6ycig5ku6gMsnUym1kLsf5XQQnHfoUqDUZBiL2GvcmNOjp6Zn0an46KPxTTyCN6ocFrSO2Srldq53uwAjx5Ak0Te7mO3a-RHJVxDxd-3pjVevDw4bok8HPuwbUeG4BpOFZoQfyBjtEQ0BuKwreuYaA8T5g7YtEDpzeKVGXmsgtYgVxlheno7eovew4uQaD2c5hIkZqjcAzgYBfA7pj8NZK4LXj_0dDT1zWzbHGZZgiJ7O9XL5mm2GjQaPdQRKQR8eXmPq65Aqv-b0vVMj-mtU2p0C-PdOgQFeje245EIutmUxMelx78EAUASOkiz4huoR08cwTxmHiT22EJN6WLOeTQ3Ek16Lf7_YeApEUwFfnyt74c8UHwOt-HHY4eek0VCSnAN3P2UGUy197Mt_nT50T723PqWc3b439xuGQeQsfZFK8fD95qy8GcyCEs4e1JcGV7ah3efqCa0Zc-lCUUCLvQfykmSmyS36yJNgUQ64qg6gLq-LEqoDM9iEtxOcBMA-Qszz_OM2nJoWhnPzVWgAOMj-GA1hoSj4YmpgjK0tOZd11NeC2L3YcNPEGjmyKh1_0bDJJDafmZrd3ekl-mVIxxYteJ_X2b-h_moaBO2nFy7N1p1fh6eMJs9yGpT_deT2pTroVKkzEvkMxek7ZVN1yj3vfUxu_QFsQcuvTmHspOEDaEtYVp5sANbPXhGv723VSCHVOZ8XJjk_z4yfJMttZlBu3PFDdXIrf-atxn9ctbkeJV2e3V3uYk2kxrxo

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fifacm.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: mmnnd5vfte40c47e0hssalvuuq
www.fifacm.com/	1970-01-20 21:10:43	Name: currency Value: eur
www.fifacm.com/	1970-01-20 21:10:43	Name: statsui Value: cat
.fifacm.com/	1970-01-21 06:46:39	Name: _ga Value: GA1.1.1369105401.1717839931
.fifacm.com/	1970-01-21 06:46:39	Name: _ga_PYJED2YZLP Value: GS1.1.1717839931.1.0.1717839931.0.0.0
.fifacm.com/	1970-01-21 06:46:39	Name: sc_is_visitor_unique Value: rx12435742.1717839931.54CCDA04B4754F0A26FA120D98BFD5B8.1.1.1.1.1.1.1.1.1
.fifacm.com/	1970-01-21 05:56:15	Name: cf_clearance Value: aU2P2Hj1BzN9jnZmzxUC5XcoIIimY0q.Sa4QlpOBrQ8-1717839931-1.0.1.1-Yx8KEuEqayokPgpEJSP7SQE2rsosXSL622BPCHBCSlDGyG2mUJ2Xsjh8lRKcDljF3sbRI6zqCvwPNRUbBnfDCw
.statcounter.com/	1970-01-21 06:46:39	Name: is_unique Value: sc12435742.1717839931.0
.statcounter.com/	1970-01-21 06:46:39	Name: is_visitor_unique Value: 1717839931503513602
www.fifacm.com/	1970-01-20 21:12:06	Name: _lr_geo_location Value: DE
.id5-sync.com/	1970-01-20 23:20:15	Name: id5 Value: 7ea6e62a-91fd-70a0-a8d1-ac2cc4aeb5a0#1717839933494#1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.fifacm.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fifacm.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fifacm.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fifacm.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad-delivery.net
assets.bounceexchange.com
ats.rlcdn.com
c.amazon-adsystem.com
c.statcounter.com
cadmus.script.ac
cdn.edkt.io
cdn.fifacm.com
cdn.hadronid.net
cdn.id5-sync.com
config.aps.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.privacymanager.io
hb-vntsm-com.global.ssl.fastly.net
hb.vntsm.com
hb.vntsm.io
i.clean.gg
id.hadron.ad.gt
id5-sync.com
lb.eu-1-id5-sync.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
proc.ad.cpe.dotomi.com
region1.google-analytics.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
tag.wknd.ai
tpc.googlesyndication.com
track.venatusmedia.com
www.fifacm.com
www.googletagmanager.com
www.statcounter.com
pagead2.googlesyndication.com
104.20.94.138
108.138.36.89
141.95.33.120
141.95.98.64
142.250.185.162
142.250.185.194
142.250.185.238
142.250.74.202
151.101.131.42
151.101.3.42
151.101.65.194
18.173.154.29
18.173.187.125
184.30.211.26
2001:4860:4802:34::36
2606:4700:10::6816:2f8e
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:246e
2606:4700:10::ac43:266a
2606:4700:20::ac43:4513
2606:4700::6812:1791
2606:4700::6812:1a44
2a00:1450:4001:803::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:829::2008
2a00:1450:4001:831::2001
2a02:fa8:8806:20::2100
34.120.111.33
34.120.253.250
34.95.69.49
34.98.72.95
52.50.171.95
52.84.198.126
54.230.228.94
006af77d5c7dd0c094d2106813437d970d3396e5d98d52b6bedec949d12e2f06
044db91bd89a07632f081b1629722c1b4a7f94875097e5b197283054ab6de0bb
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070629fa4c8e46471726cb0c25b17cf4eaad34bfa0494686d318961c7eba7510
1769ecd8421a1aedbacaa73602e8a5ed87f45de0430bfd80c487cb7441e4bf61
1777ef5f2613e35015a34031cba4dcb7d5275bbc9cf1109a52b37a6b88cfa12f
1f4a429310ff371af8b0a9045a949a6605f28e951bd42c41a8ca2e699815c160
20ec55e764f09d132a679b2aa4ef98a9256b58b7a1a79f70dfec5e901160de75
270501ddb81cc28677584264e4305f88426bcf5173863d8fbb22cc59c255ed20
2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f
2ad41099efbcafc4cdebc10081a16c7b134447e58a971556bfc8f456addc8d7b
329407c996da48fa755a572cda47d32f8d5623676d5b82093ae6761337aee02b
36f6de8213e3c46c26658359a8fd71c69eacd37da791a92dbfea09a39a766062
38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
42450b778ab1d7a9223a23a0c7f2c46abc6ddaedd415d8b2c676c613316738f9
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45298344b4728d47835c5930b62308dc1edce7cc14e369991982c0441814efe4
47445201ce2aaaa33279bdac8547cf68e163f0b6cbc779d4f2fda48410869495
485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
529a5d5be411c17271bbfcbb01e7b9affa41f00b3ee65d1f03c7574caf1e9e46
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5a90e93a72f2c01ae90c9523cdb0d4a9431bf622b25947356475dd58e331de71
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6484ca65f696167e63c3779d1a40536ae31d7c1ec5dd61a3ba60d3392f1a75b7
6b8c94eecd0e4e53dcfccad24cde8caf5f0ce5d29d1544d9c183121f146f91f4
6bfc05c517f9141b1be8486405379350c37adab3a6b6c4421296a51468d713cc
6d830a998066b3e15644d716280d1e6bdcef4dcb2c463da234743b7acb8416ed
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
75e32c0a3f24d951b777a8147bc8ba05290f30ee43eb81794d3b8a22c043e773
77ea16cd40f591471d64f4954eafd3d3f6674b93f839e0f2390f8150766af154
7ba0c9c5ff3857ca6e5751ec4d85530dda482586380f6a3a6527233b07b5b017
820868a72698a1f360003a8ae37a0155431839d57f68b1d064611aea0ea74c15
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82958ef343e65ca8ed9b343e89dca4e8118578f3724dc5bcbc352ea3b0b2d0d1
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85593c11ab99cd10cae10bc8ac2d314190da5ba0f877ff7bbdf53c3387c1c82b
8f896dae27179e8a749c5fbe696085236d5237e8adf87cf205914fa4711c6123
92661049802aec27fe550644f330c721790a2fd5fa8e18c89400d73d44b71ca1
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9401f4d75d39bc153d1273639e533678fe2e3527ad38914b2b9033ac490e6b31
a2699a4e9cdd052adb92f8b3003bce83eb92447eb1fda3d55199380a632263dc
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1ff229d7cf6c2eb168c41b99ce4081f4ed5d4cbbfbd94a3450066f89c9d54b2
b2d0a44d43eca801842f159ec84dfbf30522713b7a51dea0d6cafa3084cc77d9
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc4197a5237e119910c737169b941a97cbeadc4c0e84ff85ae2ca85929860bac
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
dd366675108a3fbad3f0b6a030675da79a09f8f49bebb5b36017302075dde3c0
e27e115f14e5153e17515f6fbe1c737b3d17b4a64937576e365567fcaaae5e34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ff9dbdd68bab5e0490dfacbc533d5959d85788525cacb7054b3dc226b2d356
e7de3b4b49089f8cdd8267eda652f35806cb2b70f7c5cec0351f6d129263e52b
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ed8ab5526d4ac08a251cf6258d68e0908bd57ee66e5fb1955b683ec9855241ca
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

www.fifacm.com Open in urlscan Pro 2606:4700::6812:1a44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

96 %HTTPS

43 %IPv6

30 Domains

36 Subdomains

38 IPs

6 Countries

2806 kBTransfer

8768 kBSize

11 Cookies

6 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fifacm.com Open in urlscan Pro
2606:4700::6812:1a44 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

96 %
HTTPS

43 %
IPv6

30
Domains

36
Subdomains

38
IPs

6
Countries

2806 kB
Transfer

8768 kB
Size

11
Cookies

83 HTTP transactions
0 data transactions