GET
H2
|
200
|
Primary Request
canadamexicousa2026
Show response
www.fifa.com/fifaplus/en/tournaments/mens/worldcup/
|
12 KB
10 KB
|
90ms
15ms
|
Document
text/html |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/4893) /
- Resource Hash
- b6860ece5a05ef72ad19fdeaa0ea9b6a0c096ea7b48ad226578c835fbf5a556e
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
noto-sans-700.5f31d84a.woff2
www.fifa.com/fifaplus/static/media/
|
152 KB
156 KB
|
61ms
58ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/noto-sans-700.5f31d84a.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48DD) /
- Resource Hash
- 6a2f4003a98a3d8b367702823291c5e43078623288deff831d9d83c8f2db9b16
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.2mdn.net api.pingone.eu *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.fifa.com *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static.imgix.net wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.2mdn.net api.pingone.eu;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
noto-sans-italic.ac006f14.woff2
www.fifa.com/fifaplus/static/media/
|
116 KB
121 KB
|
72ms
69ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/noto-sans-italic.ac006f14.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/4890) /
- Resource Hash
- a954c0a79c10d3b1bc92da8061a74c4bf99ade39a5f0b385de63e14e569a23db
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.2mdn.net api.pingone.eu *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.fifa.com *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static.imgix.net wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.2mdn.net api.pingone.eu;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
noto-sans-regular.bfa96228.woff2
www.fifa.com/fifaplus/static/media/
|
153 KB
158 KB
|
46ms
43ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/noto-sans-regular.bfa96228.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48EF) /
- Resource Hash
- 16bb3d8fb5c371c9e4fa6b5f313c0a5e2edd911c0ce6d0f9c3cee01e9560a2b3
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-500.323014b9.woff2
www.fifa.com/fifaplus/static/media/
|
48 KB
52 KB
|
73ms
70ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/poppins-500.323014b9.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/4894) /
- Resource Hash
- c293b3aeb4898d08cc511c812408a728d6c707c464078342d9af91adcb3adc8a
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.2mdn.net api.pingone.eu *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.fifa.com *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static.imgix.net wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.2mdn.net api.pingone.eu;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-600.427f7037.woff2
www.fifa.com/fifaplus/static/media/
|
49 KB
53 KB
|
57ms
55ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/poppins-600.427f7037.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48B4) /
- Resource Hash
- f9947515ada0af97c9f138a55bf4b733905d3cd11010e806a501c32d20b18ecb
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-italic.c232e615.woff2
www.fifa.com/fifaplus/static/media/
|
56 KB
60 KB
|
59ms
57ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/poppins-italic.c232e615.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/488F) /
- Resource Hash
- 48eb74a45169ea3d83367b03ba9fcfaa84db06cc587da680c6e9b864a15b4e5b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.2mdn.net api.pingone.eu *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.fifa.com *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static.imgix.net wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.2mdn.net api.pingone.eu;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-regular.80ad975e.woff2
www.fifa.com/fifaplus/static/media/
|
49 KB
53 KB
|
73ms
71ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/poppins-regular.80ad975e.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48FC) /
- Resource Hash
- bca0cbef4d9a1480419d2e87f92f86f2b04237f91c1a36800ff4929370b931a4
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.2mdn.net api.pingone.eu *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.fifa.com *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static.imgix.net wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.2mdn.net api.pingone.eu;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
launch-ENf264c4ce0fad4ce4bf7503fd7be51245.min.js
Show response
assets.adobedtm.com/7db34e84caae/759763b5faef/
|
344 KB
94 KB
|
64ms
14ms
|
Script
application/x-javascript |
2a02:26f0:3500:2b9::1e80
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
main.bundle.js
Show response
play.fifa.com/components/
|
127 KB
42 KB
|
73ms
65ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
|
GET
H2
|
200
|
OtAutoBlock.js
Show response
cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/
|
68 KB
10 KB
|
52ms
28ms
|
Script
application/x-javascript |
2606:4700::6812:82ec
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/OtAutoBlock.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:82ec
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 4f873e0ae2deece45b4c18cb7cdccfb66995c45d3b60a42311a5713f5e3cc26d
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
otSDKStub.js
Show response
cdn.cookielaw.org/scripttemplates/
|
21 KB
7 KB
|
43ms
19ms
|
Script
application/javascript |
2606:4700::6812:82ec
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:82ec
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
|
77 B
254 B
|
69ms
34ms
|
Other
text/javascript |
2606:4700:4400::ac40:9b77
CLOUDFLARENET
|
|
|
GET
H/1.1
|
403
Forbidden
|
conviva-4.0.12.js
cdn.theoplayer.com/conviva/
|
0
0
|
88ms
41ms
|
Script
application/xml |
52.222.236.63
AMAZON-02
|
|
General
- Full URL
- https://cdn.theoplayer.com/conviva/conviva-4.0.12.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- HTTP/1.1
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
52.222.236.63
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- server-52-222-236-63.fra56.r.cloudfront.net
- Software
-
/
- Resource Hash
|
GET
H2
|
200
|
52.66843683.chunk.css
www.fifa.com/fifaplus/static/css/
|
264 KB
58 KB
|
17ms
16ms
|
Stylesheet
text/css |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/css/52.66843683.chunk.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/4887) /
- Resource Hash
- 55655f7d2dbe6228d02546899765814fd90185d3f0123f449a5917cd791071fb
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
main.bfbc643a.chunk.css
www.fifa.com/fifaplus/static/css/
|
413 KB
57 KB
|
31ms
30ms
|
Stylesheet
text/css |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/css/main.bfbc643a.chunk.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48F2) /
- Resource Hash
- 922d422cc7f78323238e157f51f78e49dfc385b4b1c8c9f0b719be67c905f7be
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
52.11c22246.chunk.js
Show response
www.fifa.com/fifaplus/static/js/
|
504 KB
149 KB
|
72ms
72ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48BD) /
- Resource Hash
- 9f2ae35186533ec1f6743dcd1c982b5d15b8c707ab307a2c680b7e9c72a4cab6
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
main.ce754781.chunk.js
Show response
www.fifa.com/fifaplus/static/js/
|
325 KB
92 KB
|
73ms
72ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/js/main.ce754781.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48A0) /
- Resource Hash
- b1a1133dde1484cb603096ac9c16973cb451376428334e1e4540b2d50f2977dd
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
996debe1-708b-4ebc-95c8-5b7ee0d77d76.json
Show response
cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/
|
5 KB
2 KB
|
44ms
25ms
|
XHR
application/x-javascript |
2606:4700::6812:82ec
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/996debe1-708b-4ebc-95c8-5b7ee0d77d76.json
- Requested by
- Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:82ec
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b575a13da5add896dc78801934494f5a4d0be7540e205b0d072350a21b5d941d
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
location
Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/
|
66 B
312 B
|
47ms
30ms
|
XHR
application/json |
2606:4700:4400::ac40:9b77
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
151.dca61043.chunk.js
Show response
www.fifa.com/fifaplus/static/js/
|
23 KB
12 KB
|
16ms
16ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/js/151.dca61043.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48A2) /
- Resource Hash
- 0caf083abe0fb4a17be0611b0326c019b2c1ec8ccdff61dff1c83677a76cbc69
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
otBannerSdk.js
Show response
cdn.cookielaw.org/scripttemplates/202308.1.0/
|
411 KB
99 KB
|
18ms
17ms
|
Script
application/javascript |
2606:4700::6812:82ec
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
- Requested by
- Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:82ec
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
71.07af1fb2.chunk.css
www.fifa.com/fifaplus/static/css/
|
8 KB
6 KB
|
17ms
17ms
|
Stylesheet
text/css |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/css/71.07af1fb2.chunk.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/4889) /
- Resource Hash
- 7309bcbd99734b911c7941eaf77fec0f75f3acf9ec43ec88122f18314a1bd96c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
71.16a1a9a9.chunk.js
Show response
www.fifa.com/fifaplus/static/js/
|
63 KB
24 KB
|
19ms
18ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/js/71.16a1a9a9.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48C2) /
- Resource Hash
- 0cc8c44d9179fe1950427627e0abc1bba6a8fe021da9b026527c390ab7f248d7
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
headerManagement
cxm-api.fifa.com/fifaplusweb/api/
|
583 KB
61 KB
|
94ms
17ms
|
Other
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/headerManagement?locale=en
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6B33) /
- Resource Hash
- 3f62440665ea91af25a506564d85a4b575ee0adc0b13d0f14cdaf8feb71895fb
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
en.json
Show response
cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/f41245b9-3cfe-4a28-8bf5-6202205d0917/
|
104 KB
21 KB
|
24ms
24ms
|
Fetch
application/x-javascript |
2606:4700::6812:82ec
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/f41245b9-3cfe-4a28-8bf5-6202205d0917/en.json
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:82ec
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- a9f2cdd47b16f357da22995fbcdd7225a8b3979bd00feb1c3c1c8d8cc04f6ff4
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
canadamexicousa2026
Show response
cxm-api.fifa.com/fifaplusweb/api/pages/en/tournaments/mens/worldcup/
|
3 KB
2 KB
|
61ms
14ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/pages/en/tournaments/mens/worldcup/canadamexicousa2026
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6B66) /
- Resource Hash
- a937bbda84a8810f74a2e43dec08ec5d1c0e906dc0fbb95fe3f61244119baf37
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
otFlat.json
Show response
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/
|
13 KB
3 KB
|
18ms
17ms
|
Fetch
application/json |
2606:4700::6812:82ec
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otFlat.json
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:82ec
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
otPcTab.json
Show response
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/v2/
|
62 KB
13 KB
|
16ms
16ms
|
Fetch
application/json |
2606:4700::6812:82ec
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/v2/otPcTab.json
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:82ec
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- ef692caebb708b665def2aad3beab4eca949689636103edd74069a60d6da5d59
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
otCommonStyles.css
Show response
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/
|
21 KB
4 KB
|
16ms
16ms
|
Fetch
text/css |
2606:4700::6812:82ec
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otCommonStyles.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:82ec
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
ot_guard_logo.svg
Show response
cdn.cookielaw.org/logos/static/
|
497 B
494 B
|
16ms
16ms
|
Fetch
image/svg+xml |
2606:4700::6812:82ec
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:82ec
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
fcm_rgbf_s.png
cdn.cookielaw.org/logos/a22264f8-9d14-4ab8-ab4b-a61925d0e901/6b589592-a31b-4ede-9440-c6368b1eb13b/d0426540-ceee-4ccb-b321-ac2656d493bb/
|
4 KB
4 KB
|
18ms
18ms
|
Image
image/png |
2606:4700::6812:82ec
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/logos/a22264f8-9d14-4ab8-ab4b-a61925d0e901/6b589592-a31b-4ede-9440-c6368b1eb13b/d0426540-ceee-4ccb-b321-ac2656d493bb/fcm_rgbf_s.png
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:82ec
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- bb5b84b03e2b10ce084ddccd3f8787dd0a436d1c39600c882a4f162b8a2ec161
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
|
5 KB
2 KB
|
25ms
25ms
|
Image
image/svg+xml |
2606:4700::6812:82ec
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
118.5ef2953c.chunk.css
www.fifa.com/fifaplus/static/css/
|
2 KB
5 KB
|
16ms
14ms
|
Stylesheet
text/css |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/css/118.5ef2953c.chunk.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48B3) /
- Resource Hash
- 6dd4dd11dddd320c1266a210e1b9255498306c46fc3dcff737bb3e5131b49127
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
118.baac5bc3.chunk.js
Show response
www.fifa.com/fifaplus/static/js/
|
2 KB
5 KB
|
19ms
17ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/js/118.baac5bc3.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48F7) /
- Resource Hash
- 9891ed64b6dd995d02415efbbfb879bbab806bc8ebd1d94993b610fd1e2b00b5
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
cast_sender.js
Show response
www.gstatic.com/cv/js/sender/v1/
|
4 KB
2 KB
|
43ms
15ms
|
Script
text/javascript |
2a00:1450:4001:801::2003
GOOGLE
|
|
|
GET
H2
|
200
|
AppMeasurement.min.js
Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/
|
33 KB
12 KB
|
28ms
27ms
|
Script
application/x-javascript |
2a02:26f0:3500:2b9::1e80
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
AppMeasurement_Module_ActivityMap.min.js
Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/
|
3 KB
2 KB
|
15ms
15ms
|
Script
application/x-javascript |
2a02:26f0:3500:2b9::1e80
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
FIFA_Logo_White_Generic
digitalhub.fifa.com/transform/befe3a64-328b-453c-8b58-0faeb9103684/
|
6 KB
7 KB
|
166ms
11ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
WC26_Logo
digitalhub.fifa.com/transform/157d23bf-7e13-4d7b-949e-5d27d340987e/
|
2 KB
3 KB
|
166ms
12ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
1.ecddba40.chunk.js
Show response
www.fifa.com/fifaplus/static/js/
|
22 KB
11 KB
|
17ms
17ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/js/1.ecddba40.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48ED) /
- Resource Hash
- 9d31a588154aab60ea524a567d1142504cd0e17d208c3ce7806a9fdff8f3d8d7
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
2.483001fd.chunk.js
Show response
www.fifa.com/fifaplus/static/js/
|
2 MB
614 KB
|
18ms
16ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/js/2.483001fd.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48EE) /
- Resource Hash
- d0063e363dc8253812def2c681552405f7dd27809ae710800a6f116d4b56e075
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
21.ef0f936a.chunk.css
www.fifa.com/fifaplus/static/css/
|
14 KB
7 KB
|
22ms
21ms
|
Stylesheet
text/css |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/css/21.ef0f936a.chunk.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/4890) /
- Resource Hash
- c7be0de506e52b64d9140626405bd021e576cb9d67c58104f64064bc15ef298c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
21.9d46a193.chunk.js
Show response
www.fifa.com/fifaplus/static/js/
|
29 KB
13 KB
|
25ms
24ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/js/21.9d46a193.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48CF) /
- Resource Hash
- 705aff5f681ae2c1fada40e9857cf07460a6cea60645a91e4da2e0160a033792
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
61.75cd61c8.chunk.css
www.fifa.com/fifaplus/static/css/
|
33 KB
9 KB
|
33ms
32ms
|
Stylesheet
text/css |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/css/61.75cd61c8.chunk.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/488E) /
- Resource Hash
- 8e8a7bcc582f5a5d534582be455e19996fd14d58644bada973eca67735bfd737
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
61.7be92c3d.chunk.js
Show response
www.fifa.com/fifaplus/static/js/
|
26 KB
12 KB
|
26ms
26ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/js/61.7be92c3d.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48E0) /
- Resource Hash
- 251012ca506df9ba49a980e8e941de727a19d77019db53bf72666d985724c516
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
cast_framework.js
Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/
|
35 KB
12 KB
|
20ms
19ms
|
Script
text/javascript |
2a00:1450:4001:801::2003
GOOGLE
|
|
|
GET
H2
|
200
|
cast_sender.js
Show response
www.gstatic.com/eureka/clank/119/
|
50 KB
15 KB
|
8ms
8ms
|
Script
text/javascript |
2a00:1450:4001:801::2003
GOOGLE
|
|
|
GET
H2
|
200
|
resources
Show response
cxm-api.fifa.com/fifaplusweb/api/
|
625 B
379 B
|
23ms
22ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/resources?locale=en&identifier=p26Labels
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6AF7) /
- Resource Hash
- e70b2f89905d77feca86ff726fc96e7aad982eec640da7dd1f01aadea8f3cff3
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
3jng80qXe2ZeGtcDxgwh6u
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/heroBanner/
|
2 KB
818 B
|
22ms
21ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/heroBanner/3jng80qXe2ZeGtcDxgwh6u?locale=en
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6A95) /
- Resource Hash
- f1ce01deebc754bbf875463065f761ce8044df03bb518781a175ee5134debf44
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
689ol0WdLQZR2MoVUV1Trm
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/heroBanner/
|
2 KB
853 B
|
15ms
15ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/heroBanner/689ol0WdLQZR2MoVUV1Trm?locale=en
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6B19) /
- Resource Hash
- e90609d8a027270d1f9348d07ca2d1962a10302c1bc5215038035428b1ab01c5
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
4nT7mZbHaV2tXTfKDLJaXX
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/heroBanner/
|
2 KB
877 B
|
22ms
21ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/heroBanner/4nT7mZbHaV2tXTfKDLJaXX?locale=en
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6A96) /
- Resource Hash
- 7c24085bfea771346b937856c590db9d10af9e04f2b077a955bf1c6ec2c629e7
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
4hG0ib58lrZR03KDtxWi9X
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/newsHeroGrid/
|
12 KB
3 KB
|
18ms
18ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/newsHeroGrid/4hG0ib58lrZR03KDtxWi9X?locale=en
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6AF8) /
- Resource Hash
- 6590aec433e277e0e0e6f9a198376ae6dd424d6ff822b8d05f7dc5f13f494101
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
5gAYgQPZeoSe9J2ngXcVxj
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/smallPortraitCarousel/
|
8 KB
2 KB
|
17ms
17ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/smallPortraitCarousel/5gAYgQPZeoSe9J2ngXcVxj?locale=en&limit=20
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6B5A) /
- Resource Hash
- d494938b01297f4b819553c263ce2e91053ed5dcca7634f0ee4b7e3189d961a3
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
4Yw7kRJHvikObnYFQVmUUu
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/smallPortraitCarousel/
|
11 KB
2 KB
|
22ms
22ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/smallPortraitCarousel/4Yw7kRJHvikObnYFQVmUUu?locale=en&limit=20
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6B36) /
- Resource Hash
- 2331b1edcab9cc57529eb03ea116f17dcad68257b126587e4547885a2427292f
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
2GXVjlU9b1qLOjYniP0jcK
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/heroBanner/
|
1 KB
800 B
|
22ms
22ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/heroBanner/2GXVjlU9b1qLOjYniP0jcK?locale=en
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6ACE) /
- Resource Hash
- ef6f265d8764483a9556591fe9bcb52923bf4c740eb42fd95a078971de2abd79
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
718Py2ywmqXdJ6yWybyh9N
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/externalIntegrationEmbed/
|
728 B
567 B
|
23ms
22ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/externalIntegrationEmbed/718Py2ywmqXdJ6yWybyh9N?locale=en
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6B08) /
- Resource Hash
- 2c94667337e1931be22f90fe384d72e8f152a6acff7150ba8e74d48688dd6a92
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
4JoS2wwGkAXjt8F94oYvzj
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/smallPortraitCarousel/
|
10 KB
2 KB
|
18ms
18ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/smallPortraitCarousel/4JoS2wwGkAXjt8F94oYvzj?locale=en&limit=20
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6BDA) /
- Resource Hash
- e7809adb2b3c18b0ae795a1be695e5a40e04045e0aaee2ae8dfac1da581d690f
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
2JCM2oIf1E37uNLLLodCeH
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/smallLandscapeCarousel/
|
6 KB
2 KB
|
27ms
27ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/smallLandscapeCarousel/2JCM2oIf1E37uNLLLodCeH?locale=en&limit=20
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6AEE) /
- Resource Hash
- 2ea98534300f880856ed4995819d93fd2dba8705ea9e87810acd8c9252d7fcb4
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
4eFpo6Dn3IRDhot0SVzWJi
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/smallPortraitCarousel/
|
7 KB
2 KB
|
28ms
28ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/smallPortraitCarousel/4eFpo6Dn3IRDhot0SVzWJi?locale=en&limit=20
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6B0E) /
- Resource Hash
- 85227758b64a418797618aac752fca7cacc080037e894ec648764d3886faf314
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
62MVq8K46nL4BWH8sjlMAe
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/externalIntegrationEmbed/
|
877 B
573 B
|
27ms
27ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/externalIntegrationEmbed/62MVq8K46nL4BWH8sjlMAe?locale=en
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6B38) /
- Resource Hash
- 7e9621bbe81371ac0f742df9db8788a04000c9acc534230c2700da218a25c69a
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
1CQLHotImo6OfGpHAoHjKn
Show response
cxm-api.fifa.com/fifaplusweb/api/sections/smallPortraitCarousel/
|
3 KB
1 KB
|
28ms
28ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/sections/smallPortraitCarousel/1CQLHotImo6OfGpHAoHjKn?locale=en&limit=20
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6B04) /
- Resource Hash
- 30dd132fd066997b89c66294580ac6970d75dad0de4597417ca9c3245778cf2a
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
p26_hover_mask.svg
digitalhub.fifa.com/m/2d0a3d0e030421a3/original/
|
2 KB
2 KB
|
9ms
8ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
26-landscape.svg
digitalhub.fifa.com/m/7cc796b2336ac059/original/
|
2 KB
2 KB
|
9ms
8ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
S28NysX-t0ynntZoH0dfpQ
Show response
cxm-api.fifa.com/fifaplusweb/api/videoPlayerData/
|
2 KB
2 KB
|
197ms
197ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/videoPlayerData/S28NysX-t0ynntZoH0dfpQ?locale=en&isPreviewVideo=true
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6AA5) /
- Resource Hash
- f81d3d042a87198aeb8722b7027cb5ced17d90169c55830944dfe2202d0ffe8a
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
3sAylRL5CDbaMWLqJOgBAH
Show response
cxm-api.fifa.com/fifaplusweb/api/videoPlayerData/
|
2 KB
1 KB
|
18ms
18ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/videoPlayerData/3sAylRL5CDbaMWLqJOgBAH?locale=en&isPreviewVideo=true
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6AE2) /
- Resource Hash
- 7763027bd550caad1abb419b758bee2e7cf2ad513853ec84c421b521add5e1ab
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
sameorigin |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
p26_hover_mask.svg
digitalhub.fifa.com/m/2d0a3d0e030421a3/original/
|
2 KB
2 KB
|
10ms
10ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
b609a81a087f44e491688db54a0bca73.json
Show response
content.uplynk.com/preplay/
|
522 B
789 B
|
185ms
45ms
|
Fetch
application/json |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content.uplynk.com/preplay/b609a81a087f44e491688db54a0bca73.json?v=2&tc=1%2C-1&rn=1305628405&exp=1700324314&ct=a&cid=b609a81a087f44e491688db54a0bca73&expand=Shared_Ad_Params%2CWeb_VOD_Params&ad.npa=1&ad.cust_params=npa%253D1&allow_cc_ad=1&sig=d4d30273bc5e23df3f4c808044ad9f54e7f06bed1334af6e5b29c6561e7bfea5&ad.sid=c34a8512-c1fd-4926-ac69-1755f3c0e665&ad.ppid=c34a8512-c1fd-4926-ac69-1755f3c0e665
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 2e429578f95b6bde47201f2899b359e9bc4055cee4230b616ea0af780f3e099e
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
26-landscape.svg
digitalhub.fifa.com/m/7cc796b2336ac059/original/
|
2 KB
2 KB
|
10ms
9ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
p26_hover_mask.svg
digitalhub.fifa.com/m/2d0a3d0e030421a3/original/
|
2 KB
2 KB
|
10ms
10ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
Video_fallback_LA
digitalhub.fifa.com/transform/0a072c29-74b2-4951-848c-55432925e4d9/
|
90 KB
91 KB
|
14ms
14ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
26-landscape.svg
digitalhub.fifa.com/m/7cc796b2336ac059/original/
|
2 KB
2 KB
|
10ms
10ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
Video_fallback_LA
digitalhub.fifa.com/transform/0a072c29-74b2-4951-848c-55432925e4d9/
|
90 KB
91 KB
|
13ms
13ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/0a072c29-74b2-4951-848c-55432925e4d9/Video_fallback_LA?io=transform:fill,width:1600&quality=50
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- b6731918e8554e8daa56f47bb28c04dd0b4a0e2cc0001a9d90a15be7806b0db3
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
p26_hover_mask.svg
digitalhub.fifa.com/m/2d0a3d0e030421a3/original/
|
2 KB
2 KB
|
17ms
17ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
573c87f5f6b74aa8b917273f8d04e1c2.json
Show response
content.uplynk.com/preplay/
|
523 B
789 B
|
46ms
46ms
|
Fetch
application/json |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content.uplynk.com/preplay/573c87f5f6b74aa8b917273f8d04e1c2.json?v=2&tc=1%2C-1&rn=978906500&exp=1700324890&ct=a&cid=573c87f5f6b74aa8b917273f8d04e1c2&expand=Shared_Ad_Params%2CWeb_VOD_Params&ad.npa=1&ad.cust_params=npa%253D1&allow_cc_ad=1&sig=506e89b7f948c113df0e8855ea185e131f474e03e6eb3dd3b7a8441fc343c3b1&ad.sid=c34a8512-c1fd-4926-ac69-1755f3c0e665&ad.ppid=c34a8512-c1fd-4926-ac69-1755f3c0e665
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 50d402680d1b96d9883332a3e6082758c35f9533e848611b853555e74a2dcfa9
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
26-landscape.svg
digitalhub.fifa.com/m/7cc796b2336ac059/original/
|
2 KB
2 KB
|
9ms
9ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
Video_fallback_LA
digitalhub.fifa.com/transform/0a072c29-74b2-4951-848c-55432925e4d9/
|
90 KB
91 KB
|
10ms
10ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/0a072c29-74b2-4951-848c-55432925e4d9/Video_fallback_LA?io=transform:fill,width:1600&quality=50
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- b6731918e8554e8daa56f47bb28c04dd0b4a0e2cc0001a9d90a15be7806b0db3
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
p26_hover_mask.svg
digitalhub.fifa.com/m/2d0a3d0e030421a3/original/
|
2 KB
2 KB
|
10ms
10ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
Hero_image-1
digitalhub.fifa.com/transform/278fbc25-8253-44e7-a13f-725c63acf834/
|
30 KB
32 KB
|
14ms
14ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
Hero_image-1
digitalhub.fifa.com/transform/278fbc25-8253-44e7-a13f-725c63acf834/
|
30 KB
32 KB
|
14ms
13ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/278fbc25-8253-44e7-a13f-725c63acf834/Hero_image-1?io=transform:fill,width:1600&quality=50
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- f1fca6ca91d263eb28f9f19c324dd4e327288520a2229a5f7008e0fa96795e57
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
26-landscape.svg
digitalhub.fifa.com/m/7cc796b2336ac059/original/
|
2 KB
2 KB
|
9ms
9ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
Video_fallback_LA
digitalhub.fifa.com/transform/0a072c29-74b2-4951-848c-55432925e4d9/
|
90 KB
91 KB
|
10ms
9ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/0a072c29-74b2-4951-848c-55432925e4d9/Video_fallback_LA?io=transform:fill,width:1600&quality=50
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- b6731918e8554e8daa56f47bb28c04dd0b4a0e2cc0001a9d90a15be7806b0db3
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
p26_hover_mask.svg
digitalhub.fifa.com/m/2d0a3d0e030421a3/original/
|
2 KB
2 KB
|
12ms
12ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
b609a81a087f44e491688db54a0bca73.json
Show response
content.uplynk.com/player/assetinfo/
|
1 KB
2 KB
|
30ms
30ms
|
Fetch
application/json |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content.uplynk.com/player/assetinfo/b609a81a087f44e491688db54a0bca73.json?pbs=c2f5f9556ace40e5a35e4ec532d0058e
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- cb31f0bd21d9df05deb34d2519227c4098df659dc89f0caeb222d8851097a722
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
register_interest_background
digitalhub.fifa.com/transform/1ca6e372-c084-4190-824a-67bb66e6ae72/
|
11 KB
12 KB
|
12ms
12ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/1ca6e372-c084-4190-824a-67bb66e6ae72/register_interest_background?io=transform:fill,width:1455&quality=100
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/21.ef0f936a.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 39c4ba098195245d90c94af1664983daae71df7b15165e75c06ae138e15b8d83
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
Video_fallback_LA
digitalhub.fifa.com/transform/0a072c29-74b2-4951-848c-55432925e4d9/
|
408 KB
410 KB
|
10ms
10ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
Darwin-Nunez-celebrates-scoring-for-Uruguay-in-Argentina
digitalhub.fifa.com/transform/0a3aff38-0308-499b-8c3c-eda4e1843727/
|
192 KB
194 KB
|
18ms
18ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/0a3aff38-0308-499b-8c3c-eda4e1843727/Darwin-Nunez-celebrates-scoring-for-Uruguay-in-Argentina?io=transform:fill,aspectratio:16x9,width:1024&quality=100
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- b27adf563a5f2ce31c11c2914dc419682a66bf145480d5ac24569e1d8a9bd1c4
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
World-Cup-26-Asian-Qualifying-Round-2-Japan-vs-Myanmar
digitalhub.fifa.com/transform/def33bff-ab84-4830-b2ab-979c1d4d2287/
|
80 KB
82 KB
|
21ms
21ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/def33bff-ab84-4830-b2ab-979c1d4d2287/World-Cup-26-Asian-Qualifying-Round-2-Japan-vs-Myanmar?io=transform:fill,aspectratio:16x9,width:468&quality=100
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 07d8c71c71a24ed0a5a0365480db3f604962d8ac2b96748d63d410ae3d841d8e
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
Islam-Slimani-of-Algeria-players-warm-up-before-match-during-the-FIFA-World-Cup-Qualifiers-2026-match-between-Algeria-and-Somalia-held-at-Nelson-Mandela-Stadium-in-Algiers-Algeria-on-16-November-2023
digitalhub.fifa.com/transform/9c06560d-82ae-4f02-8c94-ba883ddb2600/
|
26 KB
28 KB
|
25ms
25ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/9c06560d-82ae-4f02-8c94-ba883ddb2600/Islam-Slimani-of-Algeria-players-warm-up-before-match-during-the-FIFA-World-Cup-Qualifiers-2026-match-between-Algeria-and-Somalia-held-at-Nelson-Mandela-Stadium-in-Algiers-Algeria-on-16-November-2023?io=transform:fill,aspectratio:16x9,width:468&quality=100
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 2c633556b9f968fb50f39edf7f07386facd43fe98d2bd8ebf43ba53e2e71b140
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
Mo-Sangare-in-action-for-Liberia
digitalhub.fifa.com/transform/14c37427-0378-40e6-bb26-5ae7a947045c/
|
46 KB
47 KB
|
22ms
22ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
FPLS_QualifiersTemplate_CT_ThumbLandscape_CAF_N
digitalhub.fifa.com/transform/f9e577bd-df89-4ca4-b9b8-f56011bd4fa4/
|
28 KB
30 KB
|
21ms
21ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/f9e577bd-df89-4ca4-b9b8-f56011bd4fa4/FPLS_QualifiersTemplate_CT_ThumbLandscape_CAF_N?io=transform:fill,aspectratio:16x9,width:468&quality=100
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 2fbb5939b59b4d843cf5d499710cc0c6ab50361380a3f1751c944a2dcfbda973
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
1440-register-interest-hero-reduced-height
digitalhub.fifa.com/transform/f36ab960-22f1-47f8-a905-ebfaa944a361/
|
5 KB
6 KB
|
20ms
20ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/f36ab960-22f1-47f8-a905-ebfaa944a361/1440-register-interest-hero-reduced-height?io=transform:fill,width:1455&quality=100
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/21.ef0f936a.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 095c29e4afedcd6f145699b4fc7212e5de727d843babd70b4d118abecb6024d6
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
FU17WC_Indonesia2023_Thumbnail
digitalhub.fifa.com/transform/907527d7-4f33-4e70-bd35-8e61f0e33263/
|
123 KB
124 KB
|
22ms
20ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
FPLS_FCWC2023_Thumbnail_01
digitalhub.fifa.com/transform/c1960ccd-f89c-44d5-bdea-e319c075cfdb/
|
228 KB
230 KB
|
26ms
24ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
The-Best-2023-thumbnail
digitalhub.fifa.com/transform/ad8cfa3c-18a4-493a-ad24-fba68485a896/
|
92 KB
93 KB
|
30ms
29ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
FPLS_FBSWC2024_Thumbnail_01
digitalhub.fifa.com/transform/327117d9-d13a-471a-b40e-9fac69ac1b52/
|
75 KB
76 KB
|
20ms
19ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
Olympics-Paris-2024-Logo
digitalhub.fifa.com/transform/b4d0cf3d-795e-438c-9b59-753a030d2e24/
|
46 KB
48 KB
|
22ms
21ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
FIFA-Futsal-World-Cup-Colombia-2016-Trophies
digitalhub.fifa.com/transform/42fc69c4-13e8-490d-9fc3-9c53c1a6fb87/
|
55 KB
57 KB
|
26ms
25ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/42fc69c4-13e8-490d-9fc3-9c53c1a6fb87/FIFA-Futsal-World-Cup-Colombia-2016-Trophies?io=transform:fill,aspectratio:106x75,width:1440&quality=100
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 20f1a9de0facf493369c80aeb3e6649df5ee30817ae53e053ad1632f81a62d7b
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
FPS_FWC26_Hero_PostLaunch
digitalhub.fifa.com/transform/235ddd27-575c-405c-9568-ef6ef2d05ec4/
|
58 KB
60 KB
|
23ms
22ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
country_menu_bg_ca
digitalhub.fifa.com/transform/efdfee3f-ae38-4486-a7a1-3573f210ece1/
|
21 KB
22 KB
|
23ms
18ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/efdfee3f-ae38-4486-a7a1-3573f210ece1/country_menu_bg_ca
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/61.75cd61c8.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 20198ea05b33c2dcd1ae34d7fec2e879cbb0db8f730ce036f94310fcc3a1c2c7
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
country_menu_bg_mx
digitalhub.fifa.com/transform/34b4879c-2e54-45a0-9395-5a4b257714e1/
|
24 KB
25 KB
|
22ms
17ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/34b4879c-2e54-45a0-9395-5a4b257714e1/country_menu_bg_mx
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/61.75cd61c8.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- e976974bd2385b5c15551843801864c05d8b11021fb0c5e5715300017acc83f6
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
country_menu_bg_us
digitalhub.fifa.com/transform/3f679848-6068-44ee-8b0e-2d290bd5970a/
|
21 KB
22 KB
|
22ms
19ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
General
- Full URL
- https://digitalhub.fifa.com/transform/3f679848-6068-44ee-8b0e-2d290bd5970a/country_menu_bg_us
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/61.75cd61c8.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:223c:8e00:11:c1cc:72c0:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- ce92cf1c5f111f69ad492de0abe0a7d169cd437b7841c7c683852e7ce1bdac69
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
FWC2026-NormalBlack.2bd896c8.woff2
www.fifa.com/fifaplus/static/media/
|
45 KB
49 KB
|
24ms
20ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/FWC2026-NormalBlack.2bd896c8.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/118.5ef2953c.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48CD) /
- Resource Hash
- b854663e83865f46900ad48b0f947a586bc35a847725abb7aadccc4fcafb6f8f
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
FWC2026-SemiExpandedBlack.e378fa1c.woff2
www.fifa.com/fifaplus/static/media/
|
45 KB
50 KB
|
26ms
22ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/FWC2026-SemiExpandedBlack.e378fa1c.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/118.5ef2953c.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48F4) /
- Resource Hash
- 2d6b8f53d1e25822116c74ad810425792696f6cba8759e1f60c964c0e616a7c9
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
FWC2026-ExpandedBlack.e49451e9.woff2
www.fifa.com/fifaplus/static/media/
|
43 KB
48 KB
|
36ms
33ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/FWC2026-ExpandedBlack.e49451e9.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/118.5ef2953c.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/489F) /
- Resource Hash
- 04492174a44ec7cdff662765038cfd7cdef1cec8d8c83748599f7e30c2116dec
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
FWC2026-UltraCondensedBold.0e7149b5.woff2
www.fifa.com/fifaplus/static/media/
|
39 KB
43 KB
|
39ms
36ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/FWC2026-UltraCondensedBold.0e7149b5.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/118.5ef2953c.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48EF) /
- Resource Hash
- 1b37c3e0644d4ef85cbc527ef0beb47586924966262a888b4e923da40219df26
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
FWC2026-CondensedLight.c11e508e.woff2
www.fifa.com/fifaplus/static/media/
|
41 KB
46 KB
|
26ms
24ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/FWC2026-CondensedLight.c11e508e.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/118.5ef2953c.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48A6) /
- Resource Hash
- 1c26f0664910e31e9c4f2971cfc67c54a7a295777d7497e59b846e2d6b5e98f0
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
FWC2026-UltraCondensedBlack.8e6ba053.woff2
www.fifa.com/fifaplus/static/media/
|
37 KB
42 KB
|
37ms
35ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/FWC2026-UltraCondensedBlack.8e6ba053.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/118.5ef2953c.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48A0) /
- Resource Hash
- d5cc99b66288d5ad06890ba94fe2b09ebe81ee2b133691dc34b334b35a4c0c96
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
FWC2026-CondensedBlack.adf42119.woff2
www.fifa.com/fifaplus/static/media/
|
41 KB
45 KB
|
32ms
30ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/FWC2026-CondensedBlack.adf42119.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/118.5ef2953c.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48A4) /
- Resource Hash
- 372480f2a0bd04ffa56262e105c5d3d14a2912858257bbb36724a14c84a60aa7
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
NotoSans-Medium.2994073c.woff2
www.fifa.com/fifaplus/static/media/
|
167 KB
172 KB
|
28ms
26ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/NotoSans-Medium.2994073c.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/118.5ef2953c.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48FD) /
- Resource Hash
- 996f52a06e4470d3cc2ab1ddf13e1051ed0c41e2c2e519274b76859e3899dc59
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
FWC2026-UltraCondensedMedium.4da29b9d.woff2
www.fifa.com/fifaplus/static/media/
|
38 KB
42 KB
|
32ms
30ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/static/media/FWC2026-UltraCondensedMedium.4da29b9d.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/css/118.5ef2953c.chunk.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48D6) /
- Resource Hash
- 338ff6c7b6d3a5e76c68f7596d03c0b4d09aa3b73a0cca07c3548e16e3e2f9f0
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
wallsio-widget-1.2.js
Show response
walls.io/js/
|
16 KB
5 KB
|
51ms
9ms
|
Script
application/javascript |
52.57.54.153
AMAZON-02
|
|
|
GET
H2
|
200
|
Hero_image-1
digitalhub.fifa.com/transform/278fbc25-8253-44e7-a13f-725c63acf834/
|
30 KB
32 KB
|
16ms
11ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
26-landscape.svg
digitalhub.fifa.com/m/7cc796b2336ac059/original/
|
2 KB
2 KB
|
11ms
7ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
Video_fallback_LA
digitalhub.fifa.com/transform/0a072c29-74b2-4951-848c-55432925e4d9/
|
90 KB
91 KB
|
14ms
9ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
p26_hover_mask.svg
digitalhub.fifa.com/m/2d0a3d0e030421a3/original/
|
2 KB
2 KB
|
12ms
8ms
|
Image
image/svg+xml |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
theoplayer.e.js
www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/
|
157 KB
57 KB
|
19ms
17ms
|
Other
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/theoplayer.e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/4884) /
- Resource Hash
- a801f2d1cd1a2fa11922c5b14f0d8bd072dd8954e1472847b6e00425f9deec3e
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
theoplayer.p.js
www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/
|
99 KB
37 KB
|
17ms
15ms
|
Other
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/theoplayer.p.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/4896) /
- Resource Hash
- d2be63ad82addbd4d3e45024482d4ea32daaa8a01fb147ce3b7f797519225a4c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
573c87f5f6b74aa8b917273f8d04e1c2.json
Show response
content.uplynk.com/player/assetinfo/
|
1 KB
2 KB
|
30ms
29ms
|
Fetch
application/json |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content.uplynk.com/player/assetinfo/573c87f5f6b74aa8b917273f8d04e1c2.json?pbs=5aee5911687b4df2bb6b94bba9e2689c
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 78417ebbea63f1b233530be6e839bb6e5e7123c2c3c6602f37fad3eb5a331fc9
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
theoplayer.e.js
www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/
|
157 KB
57 KB
|
16ms
15ms
|
Other
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/theoplayer.e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/4884) /
- Resource Hash
- a801f2d1cd1a2fa11922c5b14f0d8bd072dd8954e1472847b6e00425f9deec3e
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
theoplayer.p.js
www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/
|
99 KB
37 KB
|
17ms
17ms
|
Other
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/theoplayer.p.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/4896) /
- Resource Hash
- d2be63ad82addbd4d3e45024482d4ea32daaa8a01fb147ce3b7f797519225a4c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
Hero_image-1
digitalhub.fifa.com/transform/278fbc25-8253-44e7-a13f-725c63acf834/
|
116 KB
118 KB
|
10ms
10ms
|
Image
image/webp |
2600:9000:223c:8e00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
4xwj8Apy5R6ePt2KEvhUkgTtkejzu8MHUyD38VXexGX.m3u8
Show response
content-aeui1.uplynk.com/preplay2/b609a81a087f44e491688db54a0bca73/722e9cf44dc54ac61c3465bdfedabb2e/
|
3 KB
952 B
|
55ms
33ms
|
Fetch
application/vnd.apple.mpegurl |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/preplay2/b609a81a087f44e491688db54a0bca73/722e9cf44dc54ac61c3465bdfedabb2e/4xwj8Apy5R6ePt2KEvhUkgTtkejzu8MHUyD38VXexGX.m3u8?pbs=c2f5f9556ace40e5a35e4ec532d0058e
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 10d1e2378c8cd385a0e3ac457dfd89f29318fce7e842b1fabd9d59cce18ff49f
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
318HD8367SgBr7oAlY6BVc40WqexeOdvRyUnCSy8oTRp.m3u8
Show response
content-aeui1.uplynk.com/preplay2/573c87f5f6b74aa8b917273f8d04e1c2/722e9cf44dc54ac61c3465bdfedabb2e/
|
3 KB
963 B
|
33ms
32ms
|
Fetch
application/vnd.apple.mpegurl |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/preplay2/573c87f5f6b74aa8b917273f8d04e1c2/722e9cf44dc54ac61c3465bdfedabb2e/318HD8367SgBr7oAlY6BVc40WqexeOdvRyUnCSy8oTRp.m3u8?pbs=5aee5911687b4df2bb6b94bba9e2689c
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 4cf433fd89e7ce08aa91ed4c6d287926b75b03efa3af88bb381df91a08bcae71
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
a.m3u8
Show response
content-aeui1.uplynk.com/b609a81a087f44e491688db54a0bca73/
|
10 KB
1014 B
|
31ms
30ms
|
Fetch
application/vnd.apple.mpegurl |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/b609a81a087f44e491688db54a0bca73/a.m3u8?pbs=c2f5f9556ace40e5a35e4ec532d0058e
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- b6e3e167dd0290b4e8a23096c71502ca6df9721480d6d1d6c830dc69c006a0ea
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
a.m3u8
Show response
content-aeui1.uplynk.com/573c87f5f6b74aa8b917273f8d04e1c2/
|
3 KB
969 B
|
31ms
31ms
|
Fetch
application/vnd.apple.mpegurl |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/573c87f5f6b74aa8b917273f8d04e1c2/a.m3u8?pbs=5aee5911687b4df2bb6b94bba9e2689c
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 3608741bfeea4b9fe14feedefabf7a98817133fbe88740ea16dbc397b1cea73a
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
A00000000.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/
|
145 KB
145 KB
|
116ms
16ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/A00000000.ts?pbs=c2f5f9556ace40e5a35e4ec532d0058e&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=8OXwQ3tPxc2nT-RkQEPejSLWBB_KZokBEYDgCAgyCNsT9sgv683sKFEWsMD2VXYVcMaGFGRSO7HVCQH9WKVImT6ZWxRXVYR_-RBceNY5fjOB0ByJjLS3gsG_1N4oygfLjCLMfWiRx8MGsk20oq-WT3znR_8F6bVE6xOAgk6qW-D2x2U5ER-dDpIC0UbP5R-4QhboAnmaR7FkboZiprXEFmNJ_xvWUtFww3ha7j-kfGabpCPGaWQTDTe9
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48B7) /
- Resource Hash
- bf3367e6708664e5ab5cf7521c662b6bb9cfb239c3f6a1bc464247e49217ad9f
|
GET
H2
|
200
|
A00000000.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/
|
124 KB
124 KB
|
112ms
42ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/A00000000.ts?pbs=5aee5911687b4df2bb6b94bba9e2689c&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=Gv46H6CUHjMFIR47qWb2kbRP0ES9PFd7_-XqJNozuT_9-4ynu-lY7sSUPGhjyoum-j6ZtSiae9alUn-zZr9cquBUzchFzA8XbSvsa4JdeKpWY1OpVD53UqkUuTWrnGmNtessexC-C0ThLU-v7CXNdlkrHjPHAT5MJipouqx4s572u3IWMaOihlc41o9_l8T97WxIn2DwwwLcrIhs2FTsxLdSxY6bAGat7eu6Hs88mdXHuqWlgGbAMd4R
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48B5) /
- Resource Hash
- 4ca514f5eb90ab8953dcc02b11f293e8931c6503ae9e4d3d6b5cbe5bf8f6cf60
|
GET
H2
|
200
|
check2
Show response
content-aeui1.uplynk.com/
|
16 B
311 B
|
31ms
30ms
|
Fetch
application/octet-stream |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/check2?b=b609a81a087f44e491688db54a0bca73&v=b609a81a087f44e491688db54a0bca73&r=a&pbs=c2f5f9556ace40e5a35e4ec532d0058e
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 2b0c0075a033682efadba78fe375d9895f5a28a366979725040eb3772a0bb4cf
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
j.m3u8
Show response
content-aeui1.uplynk.com/b609a81a087f44e491688db54a0bca73/
|
10 KB
1013 B
|
31ms
31ms
|
Fetch
application/vnd.apple.mpegurl |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/b609a81a087f44e491688db54a0bca73/j.m3u8?pbs=c2f5f9556ace40e5a35e4ec532d0058e
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 365c5eee4c6d3549a414eee66f920e6e73766d719474c2145837cbdf1cdf9441
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
check2
Show response
content-aeui1.uplynk.com/
|
16 B
311 B
|
31ms
30ms
|
Fetch
application/octet-stream |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/check2?b=573c87f5f6b74aa8b917273f8d04e1c2&v=573c87f5f6b74aa8b917273f8d04e1c2&r=a&pbs=5aee5911687b4df2bb6b94bba9e2689c
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- a25bc6588d5b2e1e21c5ab6e5df559abb0c03546346f21adb3e21d3aa163e8ba
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
A00000001.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/
|
127 KB
127 KB
|
16ms
16ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/A00000001.ts?pbs=5aee5911687b4df2bb6b94bba9e2689c&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=Gv46H6CUHjMFIR47qWb2kbRP0ES9PFd7_-XqJNozuT_9-4ynu-lY7sSUPGhjyoum-j6ZtSiae9alUn-zZr9cquBUzchFzA8XbSvsa4JdeKpWY1OpVD53UqkUuTWrnGmNtessexC-C0ThLU-v7CXNdlkrHjPHAT5MJipouqx4s572u3IWMaOihlc41o9_l8T97WxIn2DwwwLcrIhs2FTsxLdSxY6bAGat7eu6Hs88mdXHuqWlgGbAMd4R
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48A5) /
- Resource Hash
- e734c6c209e6222eb5260d2fab3a5bfcc0685e6c11f18557fc670fec0f1ba140
|
GET
H2
|
200
|
theoplayer.d.js
www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/
|
93 KB
35 KB
|
17ms
17ms
|
Other
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/theoplayer.d.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48F8) /
- Resource Hash
- dbe20b537ed17fbff493b74a70886e185a60bf42591b65fbe9b6f1a272a8d4f4
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
j.m3u8
Show response
content-aeui1.uplynk.com/b609a81a087f44e491688db54a0bca73/
|
10 KB
1014 B
|
36ms
35ms
|
Fetch
application/vnd.apple.mpegurl |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/b609a81a087f44e491688db54a0bca73/j.m3u8?pbs=c2f5f9556ace40e5a35e4ec532d0058e
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 9cdb29473d634b52a46120c7c6d3994fd810de015062cb6ddca894aaef1656cc
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
theoplayer.d.js
www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/
|
93 KB
35 KB
|
15ms
15ms
|
Other
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/fifaplus/vendor/theoplayer.13b559657e4beee9d9d5899594caaad2/theoplayer.d.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48F8) /
- Resource Hash
- dbe20b537ed17fbff493b74a70886e185a60bf42591b65fbe9b6f1a272a8d4f4
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
J00000000.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/
|
3 MB
3 MB
|
17ms
17ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/J00000000.ts?pbs=c2f5f9556ace40e5a35e4ec532d0058e&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=gFiriJFL-2f47_zpKUZCjQQ3hcLGTM-RX9f71IxtF02SfNLumjcVcxU1uQsML-IxptR_l1bWOeM-38eQ9FvW97pMt-TTyQTltVKyYvWD1AttRq0L10ZzXiP0YmpGJ7_aE_7Cu0E3qZonDjwMIp4ELcqz5IYtirYt760dQ5ZDtIxSw35jtktwm9HmN43bcQI9wo7dxIydOv7sgPybCFA-_aDWV6syDWIEGdt99C2QvVXdFruMDGpoHBP5
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/489B) /
- Resource Hash
- 8b8939d4dff9694971bfe9dcb5a82e48052fb7c0f24e6f55f6acc709ce06a1d6
|
GET
H2
|
200
|
j.m3u8
Show response
content-aeui1.uplynk.com/573c87f5f6b74aa8b917273f8d04e1c2/
|
3 KB
970 B
|
36ms
36ms
|
Fetch
application/vnd.apple.mpegurl |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/573c87f5f6b74aa8b917273f8d04e1c2/j.m3u8?pbs=5aee5911687b4df2bb6b94bba9e2689c
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- e8efe850a30733e3a8044909fae942685a2664c2d4253b533d4df02bef13a389
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
j.m3u8
Show response
content-aeui1.uplynk.com/573c87f5f6b74aa8b917273f8d04e1c2/
|
3 KB
972 B
|
36ms
36ms
|
Fetch
application/vnd.apple.mpegurl |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/573c87f5f6b74aa8b917273f8d04e1c2/j.m3u8?pbs=5aee5911687b4df2bb6b94bba9e2689c
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- d23ac3ab22655fef0b3a670de30bf301e6f8651edb765f82459464fae303de09
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
J00000000.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/
|
2 MB
2 MB
|
50ms
49ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/J00000000.ts?pbs=5aee5911687b4df2bb6b94bba9e2689c&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=b9UKZpa_UfX-MN7DCSBx7nOo8NZ_6UvuXbIew553t8Tp9pBmAslQMGVHrEeS7TUYPLFtv8O8Xn8GADEuWLwvk3o9rM41Wr5lBzKErieW1RLEgSIEeS1wg5pa40sfcM9X0oJek-AC_FXK5J5wRSxz179BlivqoJjUO0I-ka-MRZVisOqFd2r3-JL-NHI4tgNbtGzYkQOfIePRfxPjIkalaIfOf4ppHVqldupuRW2VlHukHjdn-8VNL1mB
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48C9) /
- Resource Hash
- e2cfc92eac61d799e0219eecd4f31ffe471428841092750cedf707de2400038a
|
POST
H/1.1
|
200
OK
|
/
Show response
license.theoplayer.com/
|
0
176 B
|
62ms
28ms
|
Fetch
|
88.198.33.80
HETZNER-AS
|
|
|
POST
H/1.1
|
200
OK
|
/
Show response
license.theoplayer.com/
|
0
176 B
|
66ms
42ms
|
Fetch
|
88.198.33.80
HETZNER-AS
|
|
|
GET
H2
|
200
|
check2
Show response
content-aeui1.uplynk.com/
|
16 B
311 B
|
30ms
30ms
|
Fetch
application/octet-stream |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/check2?b=b609a81a087f44e491688db54a0bca73&v=b609a81a087f44e491688db54a0bca73&r=j&pbs=c2f5f9556ace40e5a35e4ec532d0058e
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 7c32cdc1ab5835d3388537d770517d557b340c5bd1fe95ca8115e68b5a559e98
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
check2
Show response
content-aeui1.uplynk.com/
|
16 B
311 B
|
34ms
34ms
|
Fetch
application/octet-stream |
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
AMAZON-02
|
|
General
- Full URL
- https://content-aeui1.uplynk.com/check2?b=573c87f5f6b74aa8b917273f8d04e1c2&v=573c87f5f6b74aa8b917273f8d04e1c2&r=j&pbs=5aee5911687b4df2bb6b94bba9e2689c
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
2a05:d018:11d:9e04:1b1d:8758:5da7:b5c0
Dublin, Ireland,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- cf24857ffe0daf1dee181dba65aa08bc61db109a67f02a3c560965dc1f198485
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
J00000001.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/
|
3 MB
3 MB
|
15ms
15ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/J00000001.ts?pbs=c2f5f9556ace40e5a35e4ec532d0058e&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=gFiriJFL-2f47_zpKUZCjQQ3hcLGTM-RX9f71IxtF02SfNLumjcVcxU1uQsML-IxptR_l1bWOeM-38eQ9FvW97pMt-TTyQTltVKyYvWD1AttRq0L10ZzXiP0YmpGJ7_aE_7Cu0E3qZonDjwMIp4ELcqz5IYtirYt760dQ5ZDtIxSw35jtktwm9HmN43bcQI9wo7dxIydOv7sgPybCFA-_aDWV6syDWIEGdt99C2QvVXdFruMDGpoHBP5
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48B0) /
- Resource Hash
- e5f9f7c5db205a36ab8764fc900f18a897f4431db2a7526e72b2dcaee190315a
|
GET
H2
|
200
|
J00000001.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/
|
1 MB
1 MB
|
16ms
16ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/J00000001.ts?pbs=5aee5911687b4df2bb6b94bba9e2689c&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=b9UKZpa_UfX-MN7DCSBx7nOo8NZ_6UvuXbIew553t8Tp9pBmAslQMGVHrEeS7TUYPLFtv8O8Xn8GADEuWLwvk3o9rM41Wr5lBzKErieW1RLEgSIEeS1wg5pa40sfcM9X0oJek-AC_FXK5J5wRSxz179BlivqoJjUO0I-ka-MRZVisOqFd2r3-JL-NHI4tgNbtGzYkQOfIePRfxPjIkalaIfOf4ppHVqldupuRW2VlHukHjdn-8VNL1mB
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48A4) /
- Resource Hash
- 84dfd0e54b4925642917b11cbb1e9b46e50a3acfd4f2bd2a2fd7d61cb12b36ac
|
GET
H2
|
200
|
J00000002.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/
|
3 MB
3 MB
|
59ms
58ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/J00000002.ts?pbs=c2f5f9556ace40e5a35e4ec532d0058e&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=gFiriJFL-2f47_zpKUZCjQQ3hcLGTM-RX9f71IxtF02SfNLumjcVcxU1uQsML-IxptR_l1bWOeM-38eQ9FvW97pMt-TTyQTltVKyYvWD1AttRq0L10ZzXiP0YmpGJ7_aE_7Cu0E3qZonDjwMIp4ELcqz5IYtirYt760dQ5ZDtIxSw35jtktwm9HmN43bcQI9wo7dxIydOv7sgPybCFA-_aDWV6syDWIEGdt99C2QvVXdFruMDGpoHBP5
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48F1) /
- Resource Hash
- 7dafe263fb69eb4dc1c52574b7af06ecaff086e8be5601d35626bc0117d3f2e7
|
GET
H2
|
200
|
J00000002.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/
|
2 MB
2 MB
|
14ms
14ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/J00000002.ts?pbs=5aee5911687b4df2bb6b94bba9e2689c&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=b9UKZpa_UfX-MN7DCSBx7nOo8NZ_6UvuXbIew553t8Tp9pBmAslQMGVHrEeS7TUYPLFtv8O8Xn8GADEuWLwvk3o9rM41Wr5lBzKErieW1RLEgSIEeS1wg5pa40sfcM9X0oJek-AC_FXK5J5wRSxz179BlivqoJjUO0I-ka-MRZVisOqFd2r3-JL-NHI4tgNbtGzYkQOfIePRfxPjIkalaIfOf4ppHVqldupuRW2VlHukHjdn-8VNL1mB
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48EC) /
- Resource Hash
- 4c6d748bdbbf02645fe9bfc54757ccdb7dd06d4104455c68a4f555332f13314b
|
GET
H2
|
200
|
J00000003.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/
|
1 MB
1 MB
|
17ms
16ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/573/5d8e9ef63a204d0b8cb71b50093bde7d/573c87f5f6b74aa8b917273f8d04e1c2/J00000003.ts?pbs=5aee5911687b4df2bb6b94bba9e2689c&cloud=aws&cdn=eci&si=0&d=2.816&cdntoken=b9UKZpa_UfX-MN7DCSBx7nOo8NZ_6UvuXbIew553t8Tp9pBmAslQMGVHrEeS7TUYPLFtv8O8Xn8GADEuWLwvk3o9rM41Wr5lBzKErieW1RLEgSIEeS1wg5pa40sfcM9X0oJek-AC_FXK5J5wRSxz179BlivqoJjUO0I-ka-MRZVisOqFd2r3-JL-NHI4tgNbtGzYkQOfIePRfxPjIkalaIfOf4ppHVqldupuRW2VlHukHjdn-8VNL1mB
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/488B) /
- Resource Hash
- 39a186711cdddcb36b328f0a43126d935271e3ceb305b0c8b35b873e99d97534
|
GET
H2
|
200
|
J00000003.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/
|
3 MB
3 MB
|
74ms
74ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/J00000003.ts?pbs=c2f5f9556ace40e5a35e4ec532d0058e&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=gFiriJFL-2f47_zpKUZCjQQ3hcLGTM-RX9f71IxtF02SfNLumjcVcxU1uQsML-IxptR_l1bWOeM-38eQ9FvW97pMt-TTyQTltVKyYvWD1AttRq0L10ZzXiP0YmpGJ7_aE_7Cu0E3qZonDjwMIp4ELcqz5IYtirYt760dQ5ZDtIxSw35jtktwm9HmN43bcQI9wo7dxIydOv7sgPybCFA-_aDWV6syDWIEGdt99C2QvVXdFruMDGpoHBP5
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48E3) /
- Resource Hash
- ea66dc2855e10cba179b3136c310bfd86b5dc50905b11876877405728f9c7959
|
GET
H2
|
200
|
J00000004.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/
|
3 MB
3 MB
|
15ms
15ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/J00000004.ts?pbs=c2f5f9556ace40e5a35e4ec532d0058e&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=gFiriJFL-2f47_zpKUZCjQQ3hcLGTM-RX9f71IxtF02SfNLumjcVcxU1uQsML-IxptR_l1bWOeM-38eQ9FvW97pMt-TTyQTltVKyYvWD1AttRq0L10ZzXiP0YmpGJ7_aE_7Cu0E3qZonDjwMIp4ELcqz5IYtirYt760dQ5ZDtIxSw35jtktwm9HmN43bcQI9wo7dxIydOv7sgPybCFA-_aDWV6syDWIEGdt99C2QvVXdFruMDGpoHBP5
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/489B) /
- Resource Hash
- 3740f9b30a2da2c21cb4ee739028b862dd84d60182dff02e3fff07937a2d3030
|
GET
H2
|
200
|
J00000005.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/
|
3 MB
3 MB
|
20ms
20ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/J00000005.ts?pbs=c2f5f9556ace40e5a35e4ec532d0058e&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=gFiriJFL-2f47_zpKUZCjQQ3hcLGTM-RX9f71IxtF02SfNLumjcVcxU1uQsML-IxptR_l1bWOeM-38eQ9FvW97pMt-TTyQTltVKyYvWD1AttRq0L10ZzXiP0YmpGJ7_aE_7Cu0E3qZonDjwMIp4ELcqz5IYtirYt760dQ5ZDtIxSw35jtktwm9HmN43bcQI9wo7dxIydOv7sgPybCFA-_aDWV6syDWIEGdt99C2QvVXdFruMDGpoHBP5
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48D2) /
- Resource Hash
- 17e4f7282dedb86583a9032a3409655ba8333e3f1b8979157874f46c43f8a292
|
GET
H2
|
200
|
J00000006.ts
Show response
x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/
|
3 MB
3 MB
|
18ms
18ms
|
Fetch
application/octet-stream |
2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST
|
|
General
- Full URL
- https://x-default-sstgec.uplynk.com/aeuw1/slices/b60/5d8e9ef63a204d0b8cb71b50093bde7d/b609a81a087f44e491688db54a0bca73/J00000006.ts?pbs=c2f5f9556ace40e5a35e4ec532d0058e&cloud=aws&cdn=eci&si=0&d=4.096&cdntoken=gFiriJFL-2f47_zpKUZCjQQ3hcLGTM-RX9f71IxtF02SfNLumjcVcxU1uQsML-IxptR_l1bWOeM-38eQ9FvW97pMt-TTyQTltVKyYvWD1AttRq0L10ZzXiP0YmpGJ7_aE_7Cu0E3qZonDjwMIp4ELcqz5IYtirYt760dQ5ZDtIxSw35jtktwm9HmN43bcQI9wo7dxIydOv7sgPybCFA-_aDWV6syDWIEGdt99C2QvVXdFruMDGpoHBP5
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/fifaplus/static/js/52.11c22246.chunk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2606:2800:133:202d:cd5:25f1:103b:1d26
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (ama/48C4) /
- Resource Hash
- aa4b769797418c58e928703f3cc06605e1573af62ecf97a4671a9548aebad1a0
|