www.fmfu.org Open in urlscan Pro
99.80.159.202 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.fmfu.org/
Submission: On December 12 via api (December 12th 2023, 2:46:19 pm UTC) from US — Scanned from DE

Summary HTTP 117 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 31 domains to perform 117 HTTP transactions. The main IP is 99.80.159.202, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.fmfu.org.

This is the only time www.fmfu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	99.80.159.202 99.80.159.202	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	16.182.96.8 16.182.96.8	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3 3	2606:4700:20:... 2606:4700:20::681a:8f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	92.205.88.213 92.205.88.213	21499 (GODADDY-SXB) (GODADDY-SXB)
1	13.32.121.62 13.32.121.62	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
18	2606:4700:20:... 2606:4700:20::ac43:4789	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	75.2.86.201 75.2.86.201	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
8	13.32.121.31 13.32.121.31	16509 (AMAZON-02) (AMAZON-02)
2	3.33.193.16 3.33.193.16	16509 (AMAZON-02) (AMAZON-02)
1 4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:bd59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:50ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.156.2.20 108.156.2.20	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:eb22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
117	38

12 99.80.159.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-159-202.eu-west-1.compute.amazonaws.com

www.fmfu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rsportz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 16.182.96.8 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:8f0 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

picua.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.205.88.213 (Strasbourg, France)

ASN21499 (GODADDY-SXB, DE)

luca-asia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-62.fra60.r.cloudfront.net

static.liqpay.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::ac43:4789 (United States)

ASN13335 (CLOUDFLARENET, US)

sport.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 75.2.86.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8d9cbce969696280.awsglobalaccelerator.com

www.liqpay.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.32.121.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-31.fra60.r.cloudfront.net

static.liqpay.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.193.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: a5eaf579d8d33784e.awsglobalaccelerator.com

ppcalc.privatbank.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bd59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:50ba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.2.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-20.mxp63.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eb22 (United States)

ASN13335 (CLOUDFLARENET, US)

video.sportvideos365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	sport.video sport.video	1 MB
12	liqpay.ua static.liqpay.ua — Cisco Umbrella Rank: 684319 www.liqpay.ua — Cisco Umbrella Rank: 713770	928 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	431 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	374 KB
8	google.com cse.google.com — Cisco Umbrella Rank: 3119 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 411	175 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	264 KB
6	rsportz.com rsportz.com — Cisco Umbrella Rank: 838024	1 MB
6	fmfu.org www.fmfu.org	26 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	377 KB
5	amazonaws.com s3.amazonaws.com	15 MB
4	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	333 B
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 syndication.twitter.com — Cisco Umbrella Rank: 1549	132 KB
3	luca-asia.com luca-asia.com
3	picua.org 3 redirects picua.org	1009 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	privatbank.ua ppcalc.privatbank.ua — Cisco Umbrella Rank: 876500	4 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2842	86 KB
1	sportvideos365.com video.sportvideos365.com	5 MB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	14 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	17 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2246	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2128	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2129	20 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2326	1 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2659	761 B
1	google.de www.google.de — Cisco Umbrella Rank: 6765	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	20 KB
1	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1544
1	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1291	1 KB
117	31

	Domain	Requested by
18	sport.video	www.fmfu.org sport.video
10	fonts.gstatic.com	fonts.googleapis.com
9	static.liqpay.ua	www.fmfu.org www.liqpay.ua
8	fonts.googleapis.com	www.fmfu.org rsportz.com www.liqpay.ua sport.video
6	connect.facebook.net	www.fmfu.org connect.facebook.net
6	rsportz.com	www.fmfu.org rsportz.com
6	www.fmfu.org	rsportz.com
5	www.google.com	cse.google.com www.fmfu.org www.google.com
5	www.googletagmanager.com	www.fmfu.org sport.video www.googletagmanager.com
5	s3.amazonaws.com	www.fmfu.org
4	www.facebook.com	1 redirects www.fmfu.org sport.video connect.facebook.net
3	www.liqpay.ua	static.liqpay.ua
3	luca-asia.com	www.fmfu.org
3	picua.org	3 redirects
2	imasdk.googleapis.com	sport.video imasdk.googleapis.com
2	ppcalc.privatbank.ua	www.liqpay.ua
2	platform.twitter.com	rsportz.com platform.twitter.com
2	cse.google.com	www.fmfu.org www.google.com
1	video.sportvideos365.com
1	pagead2.googlesyndication.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	track.hubspot.com	www.fmfu.org
1	www.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	static.hotjar.com	www.googletagmanager.com
1	js.hs-scripts.com	sport.video
1	cdn.polyfill.io	sport.video
1	clients1.google.com	www.fmfu.org
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	www.fmfu.org
1	syndication.twitter.com	platform.twitter.com
1	stackpath.bootstrapcdn.com	rsportz.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.gstatic.com	www.recaptcha.net
1	www.googleadservices.com	www.fmfu.org
1	kit.fontawesome.com	www.fmfu.org
1	maxcdn.bootstrapcdn.com	www.fmfu.org
1	www.recaptcha.net	www.fmfu.org
117	40

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
shorturl.at
www.viber.com
www.linkedin.com
wmf-wc2019.rsportz.com
ukrainemf.rsportz.com

Subject Issuer	Validity	Valid
*.rsportz.com GlobeSSL DV CA	`2023-11-28` - `2024-12-11`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-20` - `2023-12-19`	3 months	crt.sh
www.liqpay.ua Thawte EV RSA CA G2	`2023-09-08` - `2024-09-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
syndication.twitter.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
static.liqpay.ua Amazon RSA 2048 M01	`2023-02-24` - `2024-03-24`	a year	crt.sh
*.privatbank.ua Amazon RSA 2048 M02	`2023-04-17` - `2024-05-15`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
polyfill.io Certainly Intermediate R1	`2023-12-02` - `2024-01-01`	a month	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sportvideos365.com E1	`2023-10-26` - `2024-01-24`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://www.fmfu.org/
Frame ID: 87979A4994A1BA2B5A15AFB60BB7D8FA
Requests: 53 HTTP requests in this frame

Frame: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
Frame ID: 1402ADFBB893A058C21DD4463BC31547
Requests: 43 HTTP requests in this frame

Frame: https://www.liqpay.ua/uk/checkoutjs?hostname=www.fmfu.org&port=&protocol=http%3A&uid=1702392369816&data=eyAidmVyc2lvbiIgOiAzLCAicHVibGljX2tleSIgOiAieW91cl9wdWJsaWNfa2V5IiwgImFjdGlvbiIgOiAicGF5IiwgImFtb3VudCIgOiAxLCAiY3VycmVuY3kiIDogIlVTRCIsICJkZXNjcmlwdGlvbiIgOiAiZGVzY3JpcHRpb24gdGV4dCIsICJvcmRlcl9pZCIgOiAib3JkZXJfaWRfMSIgfQ%3D%3D&signature=QvJD5u9Fg55PCx%2FHdz6lzWtYwcI%3D&embedTo=%23liqpay_checkout&language=ru&mode=embed
Frame ID: E8A345FA37B67DC2F229CF0F3A81757B
Requests: 18 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=http%3A%2F%2Fwww.fmfu.org
Frame ID: 7659E172BCA1757C2BBA44F279FF71F4
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2081373cd08cc8%2526domain%253Dwww.fmfu.org%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fwww.fmfu.org%25252Ff2551bf3377d5e8%2526relation%253Dparent.parent%26container_width%3D329%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fukraineminifootball%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D500
Frame ID: C8A33AD413A2F3A17EB6F7464D2518A8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Frame ID: 25641D6619418E728E87FBFA319B6E07
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9B8181021404A642D44BF7A7BF414862
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome - Федерація мініфутболу Українишукатишукати

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

117
Requests

88 %
HTTPS

71 %
IPv6

31
Domains

40
Subdomains

38
IPs

4
Countries

25390 kB
Transfer

36471 kB
Size

12
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ukraineminifootball

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ukraineminifootball

Search URL Search Domain Scan URL

URL: https://shorturl.at/ptzOW

Search URL Search Domain Scan URL

URL: https://www.viber.com/ukraineminifootball
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fmfu/

Search URL Search Domain Scan URL

URL: https://wmf-wc2019.rsportz.com/divisions/49481/teams/88568/statistics
Title: WMF WORLD CUP 2019

Search URL Search Domain Scan URL

URL: https://ukrainemf.rsportz.com/pages/Mykola-Ishchenko-Minifootball-cykaviy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://picua.org/images/2020/06/19/a7c92c45ee41c21033ddd2122fbb2c15.jpg HTTP 301
https://luca-asia.com/

Request Chain 11

https://picua.org/images/2020/06/19/1d289053ec877c07668b646e6e38b28d.jpg HTTP 301
https://luca-asia.com/

Request Chain 12

https://picua.org/images/2020/06/19/0918cb3d294aad22fbfaac4962b00eb8.jpg HTTP 301
https://luca-asia.com/

Request Chain 30

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 102

https://www.facebook.com/v2.8/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2081373cd08cc8%26domain%3Dwww.fmfu.org%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.fmfu.org%252Ff2551bf3377d5e8%26relation%3Dparent.parent&container_width=329&height=600&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fukraineminifootball&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=500 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2081373cd08cc8%2526domain%253Dwww.fmfu.org%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fwww.fmfu.org%25252Ff2551bf3377d5e8%2526relation%253Dparent.parent%26container_width%3D329%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fukraineminifootball%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D500

117 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.fmfu.org/ 55 KB
17 KB 1563ms
874ms Document
text/html 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://www.fmfu.org/

Protocol

HTTP/1.1

Server

99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-159-202.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0e25908553614eb28deac58b782f209534da7b8d74fc65217e1eb6d2d8bc002d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 12 Dec 2023 14:46:09 GMT
ETag: W/"5f826df7e72dc793f25c2fe01b4ccfcf"
Server: nginx
Transfer-Encoding: chunked
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: aa553188-a4f8-4e82-a7c7-4fe1a9295e0d
X-Runtime: 0.844673
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.min-9cb0f463f19758437948bdeafd5559f116fd214dc058534e18831475361eb4ca.js Show response
rsportz.com/assets/ 95 KB
96 KB 138ms
57ms Script
application/javascript 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rsportz.com/assets/jquery.min-9cb0f463f19758437948bdeafd5559f116fd214dc058534e18831475361eb4ca.js

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-159-202.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9cb0f463f19758437948bdeafd5559f116fd214dc058534e18831475361eb4ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

X-Runtime: 0.003495
Date: Tue, 12 Dec 2023 14:46:09 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: "9cb0f463f19758437948bdeafd5559f116fd214dc058534e18831475361eb4ca"
Vary: Origin
Content-Type: application/javascript
Cache-Control: public, max-age=31536000
Content-Length: 97768
X-Request-Id: 99eee3a2-b00c-416b-a26f-6f9cdcff5553

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 1 KB
1 KB 193ms
73ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d4615c0510337a49be29bb6e897b10478c2e2cec142aefaa401e78aa69dc554b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 12 Dec 2023 14:46:09 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 36 KB
10 KB 76ms
39ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 864
age: 1244271
cdn-cachedat: 09/20/2023 03:55:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4becdc9104623e891fbb9d38bba01be4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 185c788f79e12bd6c42492d7ec314b03
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8346c1551d261e53-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 187ms
72ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:700

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b69184be212bad696ea45206e86fa3927e1a9ee89a32d619321dedbdcca7880b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 14:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 14:34:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 14:46:09 GMT

GET
H2 403 a076d05399.js
kit.fontawesome.com/ 0
0 34ms
15ms Script
text/html 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/a076d05399.js
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H/1.1 200
OK logo-xl-transparent.png
s3.amazonaws.com/rsportz-production/file_assets/attachments/000/019/475/original/ 56 KB
57 KB 352ms
140ms Image
image/png 16.182.96.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/rsportz-production/file_assets/attachments/000/019/475/original/logo-xl-transparent.png
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.96.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cf6a7b907df6ae05528faa73129cc73cd039d8ed6e08db3d40f94a3fc7a57a86

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:10 GMT
x-amz-version-id: CbwnTnBWJxKMC7E1K2eLtnpOqzMtfRkE
Last-Modified: Thu, 30 Apr 2020 16:19:49 GMT
Server: AmazonS3
x-amz-request-id: NB3C299D90HE8QWX
ETag: "0639e92264ea3f5d6d8e551a0960eb1f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 57806
x-amz-id-2: d5yGVBgePFPsgi+dGtxcT9O0SmxVy8KMXw/ma6AvO3eTlbtv9GqF0RWUiYJBEGEx3/d/y0SNhpQ=

GET
H/1.1 200
OK Minifootball_Federation_of_Ukraine-logo200px-01.png
s3.amazonaws.com/rsportz-production/organizations/logos/000/002/289/large/ 9 KB
9 KB 428ms
209ms Image
image/png 16.182.96.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/rsportz-production/organizations/logos/000/002/289/large/Minifootball_Federation_of_Ukraine-logo200px-01.png
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.96.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d7f2d0a47fdf905825cc214c922e4996950aaed9d5f9b5653e75d6aea66f09c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:10 GMT
x-amz-version-id: Plr6XOVTORAx75ElOtNQk1QZhqQ1JW50
Last-Modified: Fri, 12 Jun 2020 12:16:38 GMT
Server: AmazonS3
x-amz-request-id: NB39A7EJR1ZE889K
ETag: "310e0334b8aeb8489ca71499bf457762"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9246
x-amz-id-2: dCKt8t+YXUVRoo68P2XyOgE53gUfdx9OTqtElQzBkIq2lnulvuq6NYVodj+8lM2KNOL4m1atIxo=

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 218ms
90ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=009437417012040449883:qcqxr0j7y00

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

d8c3ac3d285f3208da1ecf9d526cf4fd9c38e5ca66a5f721b0d363557aa21b7e

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-_9vPDbC8lONx4-v0TXUYuQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-_9vPDbC8lONx4-v0TXUYuQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Tue, 12 Dec 2023 14:46:09 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3010
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Tue, 12 Dec 2023 14:46:09 GMT

GET
H2

200

/
luca-asia.com/
Redirect Chain

https://picua.org/images/2020/06/19/a7c92c45ee41c21033ddd2122fbb2c15.jpg
https://luca-asia.com/

0
0

531ms
426ms

Image
text/html

92.205.88.213
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luca-asia.com/
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: H2
Server: 92.205.88.213 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date: Tue, 12 Dec 2023 14:46:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/plain
location: https://luca-asia.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkQmmjPIPS2Friamq2cVoEczUvWObf1TwspZaiwv3K9gGJZVAx5KbQAs7napGet7KccccCh8SBWg3B8g3%2FsRi4sDszVbltEnV3rv%2B2v6tdxXgv6%2FRl%2FgX52KJ76%2Bwlv3MDYYt6hcww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-ray: 8346c1568c3b3829-FRA
content-length: 24

GET
H/1.1 200
OK 39161551_1561141247325628_1163716677272076288_o.jpg
s3.amazonaws.com/rsportz-production/file_assets/attachments/000/015/508/original/ 576 KB
577 KB 407ms
204ms Image
image/jpeg 16.182.96.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/rsportz-production/file_assets/attachments/000/015/508/original/39161551_1561141247325628_1163716677272076288_o.jpg
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.96.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e10526306fa90999a7f3ff310b8d9126588d9a1b9f11fca77dc2aa069145eaaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:10 GMT
x-amz-version-id: d3LSpl7vhBqdtffOvp8iqLYpx68FCu7Y
Last-Modified: Thu, 23 May 2019 07:41:05 GMT
Server: AmazonS3
x-amz-request-id: NB3509NVQC125X6K
ETag: "96451457b6aba1b8556b5027a2f17ca2"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 589991
x-amz-id-2: 2KlUiZ/TAbyM9vJNUuetHfErR4Y1rMP8X7SqBO/2GoDAAGEgy+H+8w9t34IPuwJXdW1R8jaLCls=

GET
H/1.1 200
OK DSC_9503.jpg
s3.amazonaws.com/rsportz-production/file_assets/attachments/000/015/513/original/ 865 KB
866 KB 379ms
176ms Image
image/jpeg 16.182.96.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/rsportz-production/file_assets/attachments/000/015/513/original/DSC_9503.jpg
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.96.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: dd7ef3d24149a66c59a60d1c152191f352a5632c3ce0960fd949d0cb12f0ea0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:10 GMT
x-amz-version-id: RN8emnIjYcs6czhiCf.gBNaGcSYC5SDt
Last-Modified: Thu, 23 May 2019 07:41:09 GMT
Server: AmazonS3
x-amz-request-id: NB3CBMQM4GADEE15
ETag: "f3f99c7df6dca8dda02667fd87eb3556"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 886160
x-amz-id-2: iJhTGIa7Uref9LtgjMBwibKmL0gU5xK04UnYEN7Le9HD7bfsmTeMqGC+6xND+rPmylNed+lFbEM=

GET
H2

200

/
luca-asia.com/
Redirect Chain

https://picua.org/images/2020/06/19/1d289053ec877c07668b646e6e38b28d.jpg
https://luca-asia.com/

0
0

502ms
390ms

Image
text/html

92.205.88.213
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luca-asia.com/
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: H2
Server: 92.205.88.213 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date: Tue, 12 Dec 2023 14:46:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/plain
location: https://luca-asia.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mA4qgOzk488YTi0eHk9chG3gYfOGVDR%2FJ9NVHCmqBhi1F2Q7%2FAQMGamKqJUbnEwFOmz4ZfxwOmUyak9n%2BED6XQoYUfqZZLiHee8SScJarmOF%2FcQz0ogGzw6dTRWROlwpoqX5zEdclQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-ray: 8346c1568c403829-FRA
content-length: 24

GET
H2

200

/
luca-asia.com/
Redirect Chain

https://picua.org/images/2020/06/19/0918cb3d294aad22fbfaac4962b00eb8.jpg
https://luca-asia.com/

0
0

493ms
413ms

Image
text/html

92.205.88.213
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luca-asia.com/
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: H2
Server: 92.205.88.213 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date: Tue, 12 Dec 2023 14:46:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/plain
location: https://luca-asia.com/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ol9ZwLd5MjY3Q2Y3ueDjwpD%2Fbr%2BI841H%2Fj7jTICqNSbNuc8A7Vo3uruG%2FSF%2Fp9r%2BZBSPTz7ulBv%2FaB3ylKnVkE%2FlKfj8lMwK2xiEHqg5ajSxDJw1rt2jwgCe0m1PMuT%2BEV4t0kZbvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-ray: 8346c156ac693829-FRA
content-length: 24

GET
H/1.1 200
OK checkout.js Show response
static.liqpay.ua/libjs/ 4 KB
2 KB 52ms
7ms Script
application/javascript 13.32.121.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://static.liqpay.ua/libjs/checkout.js

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

HTTP/1.1

Server

13.32.121.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-62.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

70c769ceeabaa1caf851c29d5f6018eab003646a7676cafc237e33265ee32cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 24 Nov 2023 19:24:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
Age: 1538515
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 08 Nov 2023 14:30:32 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
X-Amz-Cf-Id: CyrpEwg5C0bDBhT4Q-DG3WYfmLsHtCvHFD0KZ9z0sj0Bhv-5AD_CIQ==
Expires: Sun, 24 Dec 2023 19:24:14 GMT

GET
H/1.1 200
OK application-63b5e197fdd9d1746408a5af0ab1bacf1c63375c8070d4b72d8f1a7cd455cc54.js Show response
rsportz.com/assets/application/ 2 MB
705 KB 29ms
28ms Script
application/x-javascript 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rsportz.com/assets/application/application-63b5e197fdd9d1746408a5af0ab1bacf1c63375c8070d4b72d8f1a7cd455cc54.js
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-159-202.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 63b5e197fdd9d1746408a5af0ab1bacf1c63375c8070d4b72d8f1a7cd455cc54

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 10:29:53 GMT
Server: nginx
ETag: W/"6565c121-210e35"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=315360000
Expires: Fri, 09 Dec 2033 14:46:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 181ms
72ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G6R3H6YCR9

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61f631c90fc08c6305c0f6a6a881017b1d4fa87f40dcc43a97fbbd42e13cb2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 14:46:09 GMT

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 50 KB
20 KB 111ms
73ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

HTTP/1.1

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

756cca29e306e66f94e7b705c45bb0bc0315d7e745c159971cbecc65e62e7d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14511532860437540159
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 19393
X-XSS-Protection: 0
Expires: Tue, 12 Dec 2023 14:46:09 GMT

GET
H/1.1 200
OK application-4b7c376e2b2502c7d3e17a058de3fc17d8356469d63569237a630c35c985a5a6.css
rsportz.com/assets/application/ 892 KB
193 KB 86ms
30ms Stylesheet
text/css 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rsportz.com/assets/application/application-4b7c376e2b2502c7d3e17a058de3fc17d8356469d63569237a630c35c985a5a6.css
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-159-202.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 97c5d9b4c0b1ba551303ea93f021e1132c602bcdb7367c270d083b4240fea8d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2023 10:33:41 GMT
Server: nginx
ETag: W/"6576e585-dee91"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Expires: Fri, 09 Dec 2033 14:46:09 GMT

GET
H/1.1 200
OK public-746dc44a8ba8a1283a1bd78aace6759f43d765b8c8ac7030a550dee750921513.js Show response
rsportz.com/assets/ 171 KB
171 KB 88ms
32ms Script
application/javascript 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rsportz.com/assets/public-746dc44a8ba8a1283a1bd78aace6759f43d765b8c8ac7030a550dee750921513.js

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-159-202.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

746dc44a8ba8a1283a1bd78aace6759f43d765b8c8ac7030a550dee750921513

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

X-Runtime: 0.003225
Date: Tue, 12 Dec 2023 14:46:09 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: "746dc44a8ba8a1283a1bd78aace6759f43d765b8c8ac7030a550dee750921513"
Vary: Origin
Content-Type: application/javascript
Cache-Control: public, max-age=31536000
Content-Length: 174613
X-Request-Id: 63e5b96a-fe8c-46ad-9546-3885a0c73f81

GET
H2 200 ff223f7b-1e51-4032-ae33-17043259e01c Show response
sport.video/embed-game/ukraine-vs-romania-904012484/ Frame 1402 172 KB
35 KB 612ms
567ms Document
text/html 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8989b2225575c9729a39174fbafc4046533256260726bc07a890328acbcc9aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.fmfu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://sport.video
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
cf-railgun: direct (starting new WAN connection)
cf-ray: 8346c1566f6b8ff8-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 14:46:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21ABNoJ%2F8XwbYE4g3wPADBfzdp3c410ULrfXEXsBuU4Harblx%2Ft50yaI%2FwxbkXZ9X3iQqLkEggoLZWeUlaQdMlh6mOuB8ruRXm5jhC9EK5%2BoT3pdn1FN%2BGEJePi%2FCX6spIyMbpD7VPUF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Language, Authorization, Cookie
x-content-type-options: nosniff
x-page-speed: 1.13.35.2-0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 505 KB
203 KB 167ms
53ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fmfu.org/
Origin: http://www.fmfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 14:24:54 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 59ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: rsportz.com
URL: https://rsportz.com/assets/application/application-63b5e197fdd9d1746408a5af0ab1bacf1c63375c8070d4b72d8f1a7cd455cc54.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:09 GMT
Content-Encoding: gzip
Age: 276
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/668B)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/868611982/ 3 KB
2 KB 210ms
96ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868611982/?random=1702392369807&cv=9&fst=1702392369807&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fwww.fmfu.org%2F&tiba=Welcome%20-%20%D0%A4%D0%B5%D0%B4%D0%B5%D1%80%D0%B0%D1%86%D1%96%D1%8F%20%D0%BC%D1%96%D0%BD%D1%96%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%83%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ef063f6733681e8b902f775c02455c69d9086725889adb70549fa2ed8696e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 14:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 32ms
10ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 14:46:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 2Un0oEYRC1PrUvXPIPsznJcAvTLOIN/YALvF8JIJQRKuyL/P7sCZ6VMTkIlpjFJY03a5qKJUxYSq9cZZH50K1A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
653 B 64ms
64ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;500

Requested by

Host: rsportz.com
URL: https://rsportz.com/assets/application/application-4b7c376e2b2502c7d3e17a058de3fc17d8356469d63569237a630c35c985a5a6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d17552a2dd58d4da4549092664fae6ac8c8f715282d9a3af826caa2a8ebedfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rsportz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 14:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 14:46:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 14:46:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
979 B 62ms
62ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: rsportz.com
URL: https://rsportz.com/assets/application/application-4b7c376e2b2502c7d3e17a058de3fc17d8356469d63569237a630c35c985a5a6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rsportz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 14:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:41:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 14:46:09 GMT

GET
H2 200 checkoutjs Show response
www.liqpay.ua/ru/ Frame E8A3 1 KB
2 KB 156ms
67ms Document
text/html 75.2.86.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.liqpay.ua/ru/checkoutjs?hostname=www.fmfu.org&port=&protocol=http%3A&uid=1702392369816&data=eyAidmVyc2lvbiIgOiAzLCAicHVibGljX2tleSIgOiAieW91cl9wdWJsaWNfa2V5IiwgImFjdGlvbiIgOiAicGF5IiwgImFtb3VudCIgOiAxLCAiY3VycmVuY3kiIDogIlVTRCIsICJkZXNjcmlwdGlvbiIgOiAiZGVzY3JpcHRpb24gdGV4dCIsICJvcmRlcl9pZCIgOiAib3JkZXJfaWRfMSIgfQ%3D%3D&signature=QvJD5u9Fg55PCx%2FHdz6lzWtYwcI%3D&embedTo=%23liqpay_checkout&language=ru&mode=embed

Requested by

Host: static.liqpay.ua
URL: http://static.liqpay.ua/libjs/checkout.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.86.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8d9cbce969696280.awsglobalaccelerator.com

Software

nginx /

Resource Hash

037fe41a1e5010d3606a04609554f6711734dd91ef1a0acb5bd92141e2e5275d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://static.liqpay.com https://static.liqpay.ua https://w.liqpay.ua https://cdn.liqpay.ua https://img.liqpay.ua https://www.liqpay.ua https://sentry.microaws.com https://fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://.gstatic.com https://.google.com https://www.googletagmanager.com https://www.youtube.com https://www.youtube-nocookie.com https://crm.privatbank.ua/service/Incut https://masterpass.com https://static.masterpass.com https://pin.privatbank.ua https://socauth.privatbank.ua https://discount.pb.ua/inet https://.checkout.visa.com https://.masterpassturkiye.com https://channelapi.liqpay.ua wss://channelapi.liqpay.ua https://telegram.org https://fingerprint.pb.ua https://login-widget.privat24.ua https://www.privat24.ua https://gouploader.microaws.com https://api.novaposhta.ua https://ppcalc.privatbank.ua/pp_calculator/resources/js/calculator.js https://google.com/pay;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.fmfu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://static.liqpay.com https://static.liqpay.ua https://w.liqpay.ua https://cdn.liqpay.ua https://img.liqpay.ua https://www.liqpay.ua https://sentry.microaws.com https://fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://*.gstatic.com https://*.google.com https://www.googletagmanager.com https://www.youtube.com https://www.youtube-nocookie.com https://crm.privatbank.ua/service/Incut https://masterpass.com https://static.masterpass.com https://pin.privatbank.ua https://socauth.privatbank.ua https://discount.pb.ua/inet https://*.checkout.visa.com https://*.masterpassturkiye.com https://channelapi.liqpay.ua wss://channelapi.liqpay.ua https://telegram.org https://fingerprint.pb.ua https://login-widget.privat24.ua https://www.privat24.ua https://gouploader.microaws.com https://api.novaposhta.ua https://ppcalc.privatbank.ua/pp_calculator/resources/js/calculator.js https://google.com/pay;
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 14:46:09 GMT
etag: W/"11598afa33df4a483f2bcbfda52e7137"
expires: Mon, 11 Dec 2023 10:59:29 GMT
last-modified: Thu, 07 Dec 2023 04:58:34 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-amz-id-2: N4T6+Ymhl51dngrkRmsfkYhXg0O9v0XqP3+tZLwBz+HRne9SvHrKiZ4jII7hr7NrzBvmMRzdNOs=
x-amz-request-id: NB3AT9B4624A8WCR
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cse_element__uk.js Show response
www.google.com/cse/static/element/3bd4ac03c21554b3/ 319 KB
105 KB 190ms
120ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3bd4ac03c21554b3/cse_element__uk.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009437417012040449883:qcqxr0j7y00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1402bc42ab1bd301e1c2ee849b9a42cf99b85f23bde6552ae67d5c3294f330f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107802
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 16:53:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 12 Dec 2023 14:46:10 GMT

GET
H2 200 default+uk.css
www.google.com/cse/static/element/3bd4ac03c21554b3/ 41 KB
9 KB 197ms
87ms Stylesheet
text/css 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+uk.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009437417012040449883:qcqxr0j7y00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 16:53:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 12 Dec 2023 14:46:09 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 160ms
51ms Stylesheet
text/css 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009437417012040449883:qcqxr0j7y00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 12 Dec 2023 14:57:11 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

7ms
7ms

Script
application/x-javascript

2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f60980bbf3cf6ed5e453168d96f5a57502867990de779bddf251810fb447cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 14:46:09 GMT
content-md5: hw8TRMKx0ci3EaA70vzAbw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: 1cEXaWFLei2ZzOCSxK42YNbogy6KST8pHqxGRE9niG8BnetlS2QeeMOe1WDoVjNYveKVLfR6vf5phRTidcP1qg==
x-fb-content-md5: e9df839d166f11809f63e5720936c7f6
cross-origin-opener-policy: same-origin-allow-popups
etag: "d1b2d830a6e833f659bb1a5168cd2241"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 12 Dec 2023 14:51:43 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.8
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK 2C5A0089.JPG
s3.amazonaws.com/rsportz-production/file_assets/attachments/000/019/891/original/ 13 MB
13 MB 222ms
222ms Image
image/jpeg 16.182.96.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/rsportz-production/file_assets/attachments/000/019/891/original/2C5A0089.JPG
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.96.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 12f0c7dba1f5ea3baa784019e07b09b83f5aa686746fc5d6355c5282befbcd37

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:10 GMT
x-amz-version-id: YIvS9Vkibl.lLR52o8e0bFEl4v28_6KL
Last-Modified: Thu, 18 Jun 2020 23:22:46 GMT
Server: AmazonS3
x-amz-request-id: NB33RB6HYMPVAZYZ
ETag: "fc8b237c605c4a4a7e7b2782b4088845"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 14033646
x-amz-id-2: 3gf7NygWyHAGvZBvrszrr8sNoQfwSSbEYR2FgRs3LJQ20g84bzPdBT9jRBIOmWQbZIWccI6gMlo=

GET
H/1.1 200
OK footer-logo-99f96f2824786dfc51cb1f254e0b5016f15e357bafec5b5277266648d54de113.png
rsportz.com/assets/ 3 KB
4 KB 29ms
29ms Image
image/png 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rsportz.com/assets/footer-logo-99f96f2824786dfc51cb1f254e0b5016f15e357bafec5b5277266648d54de113.png
Requested by: Host: rsportz.com
URL: https://rsportz.com/assets/application/application-4b7c376e2b2502c7d3e17a058de3fc17d8356469d63569237a630c35c985a5a6.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-159-202.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 99f96f2824786dfc51cb1f254e0b5016f15e357bafec5b5277266648d54de113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rsportz.com/assets/application/application-4b7c376e2b2502c7d3e17a058de3fc17d8356469d63569237a630c35c985a5a6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:09 GMT
Last-Modified: Mon, 06 Nov 2023 10:27:22 GMT
Server: nginx
ETag: "6548bf8a-d65"
Content-Type: image/png
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 3429
Expires: Fri, 09 Dec 2033 14:46:09 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBK5XxxKA.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 12 KB
12 KB 213ms
104ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBK5XxxKA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3e4b292b01c63b6330f938b78f2ce00947b1ed0708030a843fd89c639b344a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.fmfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:10:19 GMT
x-content-type-options: nosniff
age: 63351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12088
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 21:10:19 GMT

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 41ms
23ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: rsportz.com
URL: https://rsportz.com/assets/application/application-4b7c376e2b2502c7d3e17a058de3fc17d8356469d63569237a630c35c985a5a6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rsportz.com/
Origin: http://www.fmfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
cdn-cachedat: 10/31/2023 19:08:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bda267f91700d4f66a767b2b339e187d
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8346c157ec8d35e1-FRA
cdn-requestpullsuccess: True

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 21 KB
21 KB 225ms
116ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.fmfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 17:10:40 GMT
x-content-type-options: nosniff
age: 509730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21140
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 17:10:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 160ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.fmfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 21121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:54:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 169ms
64ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.fmfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:12:10 GMT
x-content-type-options: nosniff
age: 34440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 05:12:10 GMT

GET
H/1.1 200
OK ajax-loader.gif
rsportz.com/images/ 4 KB
4 KB 28ms
28ms Image
image/gif 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rsportz.com/images/ajax-loader.gif
Requested by: Host: rsportz.com
URL: https://rsportz.com/assets/application/application-4b7c376e2b2502c7d3e17a058de3fc17d8356469d63569237a630c35c985a5a6.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-159-202.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rsportz.com/assets/application/application-4b7c376e2b2502c7d3e17a058de3fc17d8356469d63569237a630c35c985a5a6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:09 GMT
Last-Modified: Fri, 12 May 2023 15:20:58 GMT
Server: nginx
ETag: "645e595a-1052"
Content-Type: image/gif
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 4178
Expires: Fri, 09 Dec 2033 14:46:09 GMT

GET
H/1.1 200
OK 182603 Show response
www.fmfu.org/widgets/ 962 B
2 KB 74ms
74ms XHR
text/javascript 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://www.fmfu.org/widgets/182603

Requested by

Host: rsportz.com
URL: https://rsportz.com/assets/application/application-63b5e197fdd9d1746408a5af0ab1bacf1c63375c8070d4b72d8f1a7cd455cc54.js

Protocol

HTTP/1.1

Server

99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-159-202.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3516db9828f5721d8e2c19984c02a7366f6303ee8e4d5d232a7a89186e73ff59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: http://www.fmfu.org/
X-CSRF-Token: RqFbhe/bE+EmHawL1sd6av6JMiznSDps/zJpUshbS/o=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 14:46:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Runtime: 0.044338
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Vary: Origin
Cache-Control: no-cache, no-store
X-XSS-Protection: 1; mode=block
X-Request-Id: eb0a188f-ad3b-4dde-aa8f-77b6ff5b9cd1
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 182604 Show response
www.fmfu.org/widgets/ 1 KB
2 KB 102ms
74ms XHR
text/javascript 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://www.fmfu.org/widgets/182604

Requested by

Host: rsportz.com
URL: https://rsportz.com/assets/application/application-63b5e197fdd9d1746408a5af0ab1bacf1c63375c8070d4b72d8f1a7cd455cc54.js

Protocol

HTTP/1.1

Server

99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-159-202.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f3c45956f268b43907b8bab881160afc735d427a35e43d355cc360394bc72972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: http://www.fmfu.org/
X-CSRF-Token: RqFbhe/bE+EmHawL1sd6av6JMiznSDps/zJpUshbS/o=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 14:46:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Runtime: 0.044727
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Vary: Origin
Cache-Control: no-cache, no-store
X-XSS-Protection: 1; mode=block
X-Request-Id: 601fb1e7-23bc-4b86-baa3-f3879e0d4b22
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 182622 Show response
www.fmfu.org/widgets/ 681 B
2 KB 99ms
71ms XHR
text/javascript 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://www.fmfu.org/widgets/182622

Requested by

Host: rsportz.com
URL: https://rsportz.com/assets/application/application-63b5e197fdd9d1746408a5af0ab1bacf1c63375c8070d4b72d8f1a7cd455cc54.js

Protocol

HTTP/1.1

Server

99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-159-202.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9cc14a0b9e4a87c109776687bf877909545e03462c9d251b3ee262b334fec8e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: http://www.fmfu.org/
X-CSRF-Token: RqFbhe/bE+EmHawL1sd6av6JMiznSDps/zJpUshbS/o=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 14:46:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Runtime: 0.039836
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Vary: Origin
Cache-Control: no-cache, no-store
X-XSS-Protection: 1; mode=block
X-Request-Id: 57d3b181-eaf9-4f13-b8ff-040472041856
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 182630 Show response
www.fmfu.org/widgets/ 777 B
2 KB 108ms
80ms XHR
text/javascript 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://www.fmfu.org/widgets/182630

Requested by

Host: rsportz.com
URL: https://rsportz.com/assets/application/application-63b5e197fdd9d1746408a5af0ab1bacf1c63375c8070d4b72d8f1a7cd455cc54.js

Protocol

HTTP/1.1

Server

99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-159-202.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

30a6b72ed3826451d49419a263092579df6b5e8929449a1eae79cd4e67353572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: http://www.fmfu.org/
X-CSRF-Token: RqFbhe/bE+EmHawL1sd6av6JMiznSDps/zJpUshbS/o=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 14:46:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Runtime: 0.050253
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Vary: Origin
Cache-Control: no-cache, no-store
X-XSS-Protection: 1; mode=block
X-Request-Id: 4af1e6ce-952f-487d-a501-4633d13daf96
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 182636 Show response
www.fmfu.org/widgets/ 2 KB
2 KB 130ms
100ms XHR
text/javascript 99.80.159.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://www.fmfu.org/widgets/182636

Requested by

Host: rsportz.com
URL: https://rsportz.com/assets/application/application-63b5e197fdd9d1746408a5af0ab1bacf1c63375c8070d4b72d8f1a7cd455cc54.js

Protocol

HTTP/1.1

Server

99.80.159.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-159-202.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e7fdb5360d6ed3288ce0dbbf9af793faa9a18a46510271939959fbfc860f4f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: http://www.fmfu.org/
X-CSRF-Token: RqFbhe/bE+EmHawL1sd6av6JMiznSDps/zJpUshbS/o=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 14:46:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Runtime: 0.068528
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Vary: Origin
Cache-Control: no-cache, no-store
X-XSS-Protection: 1; mode=block
X-Request-Id: f018d63e-40ae-4814-9d85-948e7bdf7ee4
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame 7659 319 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=http%3A%2F%2Fwww.fmfu.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: http://www.fmfu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 77068
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 12 Dec 2023 14:46:09 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H3 200 635027176650503 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 79ms
78ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/635027176650503?v=2.9.138&r=stable&domain=www.fmfu.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

774fe339579ce96175d949337d33a2751f75f1b7ba5e1e85ce86d7aee0f8a652

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 14:46:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ysLhlg8tb0l4Ft0PoZdLAeZYTYfvs2XD0C0v+wE+qtiojdJ7EJayaGAlZLYYiWctJ19OLnHattCvDMstHRVNnA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2f818b7651c1620edce6b3c45b37fa11

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8cfc8ca6ea9a8dd8fee4f7842d9eba2d6984709ad1e51327eae1247d275dbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.fmfu.org/
Origin: http://www.fmfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 14:46:09 GMT
content-md5: k0WJNQcIrfigTZHwBZpWyw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86867
reporting-endpoints
x-fb-debug: jV45S039AcZ/OolRPNvYmN6/OMTAavzwhQrJpjPQ0pta0ruC0FLQo2Y4bw1xCnM6T/D+eyUTEIIJAiSdsj588w==
x-fb-content-md5: b5f29dd0b3e58226d531cea458f94866
cross-origin-opener-policy: same-origin-allow-popups
etag: "a8c896477349d78b4db791f998e06186"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Dec 2024 13:21:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7659 869 B
659 B 140ms
116ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=af08bcaf332547917e46f10196ac06177c2fd0be

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=http%3A%2F%2Fwww.fmfu.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 12 Dec 2023 14:46:09 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 12 Dec 2023 14:46:10 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: a4d9c3b8db89d5cb
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 84e3ff9c77be8aea48d598f5669a2cf90643612ff522b83e17c01fd870bc15c7
content-length: 337

GET
H2 200 jquery-3.6.3.min.js Show response
static.liqpay.ua/libjs/ Frame E8A3 88 KB
32 KB 33ms
16ms Script
application/javascript 13.32.121.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.liqpay.ua/libjs/jquery-3.6.3.min.js

Requested by

Host: www.liqpay.ua
URL: https://www.liqpay.ua/ru/checkoutjs?hostname=www.fmfu.org&port=&protocol=http%3A&uid=1702392369816&data=eyAidmVyc2lvbiIgOiAzLCAicHVibGljX2tleSIgOiAieW91cl9wdWJsaWNfa2V5IiwgImFjdGlvbiIgOiAicGF5IiwgImFtb3VudCIgOiAxLCAiY3VycmVuY3kiIDogIlVTRCIsICJkZXNjcmlwdGlvbiIgOiAiZGVzY3JpcHRpb24gdGV4dCIsICJvcmRlcl9pZCIgOiAib3JkZXJfaWRfMSIgfQ%3D%3D&signature=QvJD5u9Fg55PCx%2FHdz6lzWtYwcI%3D&embedTo=%23liqpay_checkout&language=ru&mode=embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-31.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

448ef0632211ba18d7c1557a6d22250820ac3b4465ba2e73b7137f4dc4a31a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 20:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1362402
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 14:30:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: JKbirMzIj12qjXFg9_Knh7hlOgtQyGsW7DlguhFmNE6VxO8nfqpp2g==
expires: Tue, 26 Dec 2023 20:19:27 GMT

GET
H2 200 jquery-migrate-3.4.0.min.js Show response
static.liqpay.ua/libjs/ Frame E8A3 13 KB
5 KB 35ms
18ms Script
application/javascript 13.32.121.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.liqpay.ua/libjs/jquery-migrate-3.4.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-31.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

59f2939d3343ece8aaad6c2c4a399ae28921fa844b9f9add5dde17c87599df82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 20:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1362402
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 14:30:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: LjGadsiqLR73CLqKb7hNJAOi0O25dF0qt_ycuZ8og9SykRWXYahGRg==
expires: Tue, 26 Dec 2023 20:19:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E8A3 27 KB
1 KB 64ms
63ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b13d4ba577f8a1e50ca84576732bd47c5608583931791b476d06bf7bed513585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 14:28:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 14:46:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E8A3 8 KB
745 B 65ms
64ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=cyrillic-ext

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93c9b0c2e8b47042c9f1cff90e635f3fe72d3a0384ea73b0a122dd28dd33316d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:27:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 14:46:10 GMT

GET
H2 200 index.css
static.liqpay.ua/checkout/231207002801/styles/ Frame E8A3 117 KB
24 KB 28ms
11ms Stylesheet
text/css 13.32.121.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.liqpay.ua/checkout/231207002801/styles/index.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-31.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

5255a46d5e25c25eb2c18cb3159654dbe7c9e0c59e1574f8a6c229d4a9499cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 04:58:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 467255
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Dec 2023 04:58:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-amz-cf-id: RClIraihKjhKKAKRA5XatwsNtd43214w7yxGR6cpFsfNJbG-o3DcpA==
expires: Sat, 06 Jan 2024 04:58:34 GMT

GET
H2 200 index.js Show response
static.liqpay.ua/checkout/231207002801/js/ Frame E8A3 1 MB
400 KB 8ms
8ms Script
application/javascript 13.32.121.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.liqpay.ua/checkout/231207002801/js/index.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-31.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

452a5f58a07e278c736f43d57668769c2b4f87e21f1b6845161d671b2eb47ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 04:58:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 467256
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Dec 2023 04:58:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: V4KFX1SmvUgtyfvllygC3YT8iY8q3VPcxub7gCG4EbARQScZqFNTlA==
expires: Sat, 06 Jan 2024 04:58:34 GMT

GET
H2 200 calculator.js Show response
ppcalc.privatbank.ua/pp_calculator/resources/js/ Frame E8A3 6 KB
2 KB 61ms
23ms Script
application/javascript 3.33.193.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ppcalc.privatbank.ua/pp_calculator/resources/js/calculator.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.193.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a5eaf579d8d33784e.awsglobalaccelerator.com

Software

nginx /

Resource Hash

0257bf34c57cc8c15e49150d34ae29daa4bb2599eaea09665d393ad9c07bf6b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 31 Aug 2023 09:31:08 GMT
server: nginx
etag: W/"103889735-5967-1693474268000"
content-type: application/javascript
cache-control: max-age=3600

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=635027176650503&ev=PageView&dl=http%3A%2F%2Fwww.fmfu.org%2F&rl=&if=false&ts=1702392370029&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702392370029.532075475&ler=empty&it=1702392369932&coo=false&rqm=GET

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 12 Dec 2023 14:46:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 checkoutjs Show response
www.liqpay.ua/uk/ Frame E8A3 1 KB
2 KB 69ms
69ms Document
text/html 75.2.86.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.liqpay.ua/uk/checkoutjs?hostname=www.fmfu.org&port=&protocol=http%3A&uid=1702392369816&data=eyAidmVyc2lvbiIgOiAzLCAicHVibGljX2tleSIgOiAieW91cl9wdWJsaWNfa2V5IiwgImFjdGlvbiIgOiAicGF5IiwgImFtb3VudCIgOiAxLCAiY3VycmVuY3kiIDogIlVTRCIsICJkZXNjcmlwdGlvbiIgOiAiZGVzY3JpcHRpb24gdGV4dCIsICJvcmRlcl9pZCIgOiAib3JkZXJfaWRfMSIgfQ%3D%3D&signature=QvJD5u9Fg55PCx%2FHdz6lzWtYwcI%3D&embedTo=%23liqpay_checkout&language=ru&mode=embed

Requested by

Host: static.liqpay.ua
URL: https://static.liqpay.ua/checkout/231207002801/js/index.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.86.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a8d9cbce969696280.awsglobalaccelerator.com

Software

nginx /

Resource Hash

037fe41a1e5010d3606a04609554f6711734dd91ef1a0acb5bd92141e2e5275d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://static.liqpay.com https://static.liqpay.ua https://w.liqpay.ua https://cdn.liqpay.ua https://img.liqpay.ua https://www.liqpay.ua https://sentry.microaws.com https://fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://.gstatic.com https://.google.com https://www.googletagmanager.com https://www.youtube.com https://www.youtube-nocookie.com https://crm.privatbank.ua/service/Incut https://masterpass.com https://static.masterpass.com https://pin.privatbank.ua https://socauth.privatbank.ua https://discount.pb.ua/inet https://.checkout.visa.com https://.masterpassturkiye.com https://channelapi.liqpay.ua wss://channelapi.liqpay.ua https://telegram.org https://fingerprint.pb.ua https://login-widget.privat24.ua https://www.privat24.ua https://gouploader.microaws.com https://api.novaposhta.ua https://ppcalc.privatbank.ua/pp_calculator/resources/js/calculator.js https://google.com/pay;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liqpay.ua/ru/checkoutjs?hostname=www.fmfu.org&port=&protocol=http%3A&uid=1702392369816&data=eyAidmVyc2lvbiIgOiAzLCAicHVibGljX2tleSIgOiAieW91cl9wdWJsaWNfa2V5IiwgImFjdGlvbiIgOiAicGF5IiwgImFtb3VudCIgOiAxLCAiY3VycmVuY3kiIDogIlVTRCIsICJkZXNjcmlwdGlvbiIgOiAiZGVzY3JpcHRpb24gdGV4dCIsICJvcmRlcl9pZCIgOiAib3JkZXJfaWRfMSIgfQ%3D%3D&signature=QvJD5u9Fg55PCx%2FHdz6lzWtYwcI%3D&embedTo=%23liqpay_checkout&language=ru&mode=embed
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://static.liqpay.com https://static.liqpay.ua https://w.liqpay.ua https://cdn.liqpay.ua https://img.liqpay.ua https://www.liqpay.ua https://sentry.microaws.com https://fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://*.gstatic.com https://*.google.com https://www.googletagmanager.com https://www.youtube.com https://www.youtube-nocookie.com https://crm.privatbank.ua/service/Incut https://masterpass.com https://static.masterpass.com https://pin.privatbank.ua https://socauth.privatbank.ua https://discount.pb.ua/inet https://*.checkout.visa.com https://*.masterpassturkiye.com https://channelapi.liqpay.ua wss://channelapi.liqpay.ua https://telegram.org https://fingerprint.pb.ua https://login-widget.privat24.ua https://www.privat24.ua https://gouploader.microaws.com https://api.novaposhta.ua https://ppcalc.privatbank.ua/pp_calculator/resources/js/calculator.js https://google.com/pay;
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 14:46:10 GMT
etag: W/"11598afa33df4a483f2bcbfda52e7137"
expires: Mon, 11 Dec 2023 10:59:30 GMT
last-modified: Thu, 07 Dec 2023 04:58:34 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-amz-id-2: K64Yok1qp3JD7TXlmfBMeMNkleRVMWENA6NlQnY/fYhLth5PQi6ivOBlD+Ze5T0/jvHkWCZP6rQ=
x-amz-request-id: 323FFZARFRNP136S
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
www.google.com/pagead/1p-user-list/868611982/ 42 B
340 B 65ms
65ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/868611982/?random=1702392369807&cv=9&fst=1702389600000&num=1&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Fwww.fmfu.org%2F&tiba=Welcome%20-%20%D0%A4%D0%B5%D0%B4%D0%B5%D1%80%D0%B0%D1%86%D1%96%D1%8F%20%D0%BC%D1%96%D0%BD%D1%96%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%83%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_aFE3miNIjsmoGtcLARdcJMjX8wXK8A&random=1452006767&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 14:46:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/868611982/ 42 B
455 B 173ms
65ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/868611982/?random=1702392369807&cv=9&fst=1702389600000&num=1&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Fwww.fmfu.org%2F&tiba=Welcome%20-%20%D0%A4%D0%B5%D0%B4%D0%B5%D1%80%D0%B0%D1%86%D1%96%D1%8F%20%D0%BC%D1%96%D0%BD%D1%96%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%83%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_aFE3miNIjsmoGtcLARdcJMjX8wXK8A&random=1452006767&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 14:46:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 101ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G6R3H6YCR9&gtm=45je3bt0v9137032127&_p=1702392369806&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=965322388.1702392370&ul=en-us&sr=1600x1200&_s=1&sid=1702392370&sct=1&seg=0&dl=http%3A%2F%2Fwww.fmfu.org%2F&dt=Welcome%20-%20%D0%A4%D0%B5%D0%B4%D0%B5%D1%80%D0%B0%D1%86%D1%96%D1%8F%20%D0%BC%D1%96%D0%BD%D1%96%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%83%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2282
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G6R3H6YCR9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 14:46:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.fmfu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-3.6.3.min.js Show response
static.liqpay.ua/libjs/ Frame E8A3 88 KB
32 KB 9ms
9ms Script
application/javascript 13.32.121.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.liqpay.ua/libjs/jquery-3.6.3.min.js

Requested by

Host: www.liqpay.ua
URL: https://www.liqpay.ua/uk/checkoutjs?hostname=www.fmfu.org&port=&protocol=http%3A&uid=1702392369816&data=eyAidmVyc2lvbiIgOiAzLCAicHVibGljX2tleSIgOiAieW91cl9wdWJsaWNfa2V5IiwgImFjdGlvbiIgOiAicGF5IiwgImFtb3VudCIgOiAxLCAiY3VycmVuY3kiIDogIlVTRCIsICJkZXNjcmlwdGlvbiIgOiAiZGVzY3JpcHRpb24gdGV4dCIsICJvcmRlcl9pZCIgOiAib3JkZXJfaWRfMSIgfQ%3D%3D&signature=QvJD5u9Fg55PCx%2FHdz6lzWtYwcI%3D&embedTo=%23liqpay_checkout&language=ru&mode=embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-31.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

448ef0632211ba18d7c1557a6d22250820ac3b4465ba2e73b7137f4dc4a31a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 20:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1362403
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 14:30:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: Qoj4RIYvtlbUmdjV_HvGC-Mv52ngtTffR-qOPTe1EBBHivkWMJ9oNg==
expires: Tue, 26 Dec 2023 20:19:27 GMT

GET
H2 200 jquery-migrate-3.4.0.min.js Show response
static.liqpay.ua/libjs/ Frame E8A3 13 KB
5 KB 10ms
10ms Script
application/javascript 13.32.121.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.liqpay.ua/libjs/jquery-migrate-3.4.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-31.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

59f2939d3343ece8aaad6c2c4a399ae28921fa844b9f9add5dde17c87599df82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 20:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1362403
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 14:30:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: ZkTI25T8oaWG2NQ344sadcHmy_2ZN90Oqk5g02bvDNksNeIbex_6iw==
expires: Tue, 26 Dec 2023 20:19:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E8A3 27 KB
1 KB 60ms
60ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b13d4ba577f8a1e50ca84576732bd47c5608583931791b476d06bf7bed513585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 14:05:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 14:46:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E8A3 8 KB
745 B 61ms
61ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=cyrillic-ext

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93c9b0c2e8b47042c9f1cff90e635f3fe72d3a0384ea73b0a122dd28dd33316d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 14:14:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 14:46:10 GMT

GET
H2 200 index.css
static.liqpay.ua/checkout/231207002801/styles/ Frame E8A3 117 KB
24 KB 8ms
8ms Stylesheet
text/css 13.32.121.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.liqpay.ua/checkout/231207002801/styles/index.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-31.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

5255a46d5e25c25eb2c18cb3159654dbe7c9e0c59e1574f8a6c229d4a9499cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 04:58:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 467256
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Dec 2023 04:58:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-amz-cf-id: wEkerdaZNC-OHpxCOoe3QoqIE7SknfghY3DbhhubxcobK5s9LXf-dw==
expires: Sat, 06 Jan 2024 04:58:34 GMT

GET
H2 200 index.js Show response
static.liqpay.ua/checkout/231207002801/js/ Frame E8A3 1 MB
400 KB 7ms
7ms Script
application/javascript 13.32.121.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.liqpay.ua/checkout/231207002801/js/index.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-31.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

452a5f58a07e278c736f43d57668769c2b4f87e21f1b6845161d671b2eb47ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 04:58:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 467256
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Dec 2023 04:58:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: KmVaYBdZqYYW3T2JN-WPo2DP0o03BL_yexfDm81Fb67Wwe3q5s7t3g==
expires: Sat, 06 Jan 2024 04:58:34 GMT

GET
H2 200 calculator.js Show response
ppcalc.privatbank.ua/pp_calculator/resources/js/ Frame E8A3 6 KB
2 KB 18ms
17ms Script
application/javascript 3.33.193.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ppcalc.privatbank.ua/pp_calculator/resources/js/calculator.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.193.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a5eaf579d8d33784e.awsglobalaccelerator.com

Software

nginx /

Resource Hash

0257bf34c57cc8c15e49150d34ae29daa4bb2599eaea09665d393ad9c07bf6b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.liqpay.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 31 Aug 2023 09:31:08 GMT
server: nginx
etag: W/"103889735-5967-1693474268000"
content-type: application/javascript
cache-control: max-age=3600

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 143 KB
53 KB 145ms
92ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/3bd4ac03c21554b3/cse_element__uk.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9211b98042b17907d74bb76aa84613fe8d9dec0208003af8082899a662a00c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "12933309866110392501"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
Expires: Tue, 12 Dec 2023 14:46:10 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 51ms
51ms Image
image/png 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+uk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+uk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:08:48 GMT
x-content-type-options: nosniff
age: 5842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 11 Dec 2024 13:08:48 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 52ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.fmfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:34:04 GMT
x-content-type-options: nosniff
age: 76326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:34:04 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 127ms
53ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: www.fmfu.org
URL: http://www.fmfu.org/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fmfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 14:46:10 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 chunk-vendors.6da32d06.css
sport.video/static/dist/css/ Frame 1402 30 KB
7 KB 31ms
30ms Stylesheet
text/css 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/static/dist/css/chunk-vendors.6da32d06.css
Requested by: Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 080b53cfe93346432e962a67712bcba0c54d83e98e921574700084227cd37cb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 30354
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1149158
cf-polished: origSize=30354
cf-bgj: minify
server: cloudflare
etag: W/"6560a285-7692"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=040DXIUbenKbF32uEaZd9oiXAubBUqgo%2BFDmN5A%2FZA%2BZvylF9LaQLoWj%2B5yzIalIdgVCO08XvOc8IPzISxZ8MTS2V6sm0qg5Htp8ekWVQ1ST8zQU2s8RTwTQeTKrDvtZUdPoxkFBQPjY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 8346c15add318ff8-FRA
expires: Fri, 29 Dec 2023 02:25:21 GMT

GET
H2 200 chunk-common.85b8616e.css
sport.video/static/dist/css/ Frame 1402 4 KB
1 KB 24ms
22ms Stylesheet
text/css 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/static/dist/css/chunk-common.85b8616e.css
Requested by: Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a512c4bef9d261e63d11a5bac4bab003495547aca6d807d165ec41f51548a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 977431
cf-polished: origSize=4047
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 12:52:22 GMT
server: cloudflare
etag: W/"65688586-fcf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXlDJwsfM2F7etfQ4Mm3iqmU2MacBpJ5OAa%2Bgrf6FeUvLqeusbOiDid1YEvBfeJVhjGm4Lf%2B9mHp%2BQSkRNYykh3JKN5IDE7bd0QpsrTX2jQN3%2BoxeFRvrC7vYiCKcK%2FsF9bfYlahguez"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 8346c15add338ff8-FRA
expires: Sun, 31 Dec 2023 07:15:39 GMT

GET
H2 200 app.7bc70055.css
sport.video/static/dist/css/ Frame 1402 484 KB
80 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/static/dist/css/app.7bc70055.css
Requested by: Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc951d5d6ba7d78f8bfecc57e1d56d984b5663ad0baab32a9e0a1631a991de78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1062253
cf-polished: origSize=495421
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 13:17:57 GMT
server: cloudflare
etag: W/"6560a285-78f3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvCViL%2FIWaMLZPJfS9FZqQVDuh7Fm57gzVw0ht3TaIEJwI6CQQqds1EYnJRAvxyrLY6UKnjgEKVB3wMKqwcNIz1O0dDweWXMdvptXhiY96xt%2BacRHDKoGES281wM0zxIlG4RDpirw%2Ff%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 8346c15aed358ff8-FRA
expires: Sat, 30 Dec 2023 07:41:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1402 259 KB
88 KB 89ms
88ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8EQ0QMHWR9

Requested by

Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa04db3d753c82305707002601525a39396c652d40abb527c975c5b2cb32e4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 14:46:10 GMT

GET
H2 200 reverse.430c1796798f.js Show response
sport.video/static/django_js_reverse/js/ Frame 1402 14 KB
3 KB 27ms
26ms Script
application/javascript 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/static/django_js_reverse/js/reverse.430c1796798f.js
Requested by: Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b746c8cbf21a12e8b97e410c587d4a4f8737bfaade75add50a7201b5f6e1b071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 03 Oct 2023 08:54:27 GMT
server: cloudflare
age: 1237191
etag: W/"651bd6c3-36d2"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooR6zY7gjRrK5WV0C8a5GfC6Wj7a2lvCAzCK0foD0JgVHylH1mmve59i623Jxh5SHBtjKCvq2um8JLJZRGCOax4flsYGIZdtr9jFwe2fW08fuCLYXiiE5Rspo0P8isNKfV5hdOeFUfQe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 8346c15aed368ff8-FRA
expires: Thu, 28 Dec 2023 07:06:19 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 1402 366 B
761 B 159ms
44ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=es6,,Object.entries,String.prototype.includes,Array.prototype.includes,Array.prototype.entries

Requested by

Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

97d06bd7b958f09ace94a6d29cafd5aae171dfd97fc384a2164936fc80cae48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 14:46:10 GMT
age: 88968
detected-user-agent: Chrome/120.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 264
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1402 367 KB
126 KB 110ms
103ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128901
x-xss-protection: 0
expires: Tue, 12 Dec 2023 14:46:10 GMT

GET
H2 200 / Show response
sport.video/jsi18n/ Frame 1402 5 KB
2 KB 59ms
58ms Script
text/javascript 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sport.video/jsi18n/

Requested by

Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c94b86e1a9f98bed26116bdc4a06a58548a133311a87edc968cfe17ae127d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
referrer-policy: same-origin
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-railgun: direct (starting new WAN connection)
vary: Accept-Language, Authorization, Cookie
content-language: en
access-control-allow-origin: https://sport.video
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORvJPGhBXnNLvd9UEfEI7y7ktuCrUExSjTSq2fNSnHkEFLn8IBY4TzDYnI%2FPi1t7rXeUNWH5zdFrpBoePk8P24BP34PGIDjo5PHaGSc6OKvQg4%2Fd0gCoc%2B3K8SclMAiVZ9M9XGWoXwQk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
x-frame-options: DENY
cf-ray: 8346c15aed378ff8-FRA

GET
H2 200 chunk-vendors.2ee4d79a.js Show response
sport.video/static/dist/js/ Frame 1402 3 MB
994 KB 41ms
40ms Script
application/javascript 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/static/dist/js/chunk-vendors.2ee4d79a.js
Requested by: Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aa852b36c64f6780d195663a1562d56fceecc4b7cbfd464ebcc2d2647b29864

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1041088
cf-polished: origSize=3599196
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 12:52:22 GMT
server: cloudflare
etag: W/"65688586-36eb5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FmlqVdWLW%2BWylDQ9R7FDA4lKjT1ozrHAlmmcSpUQrmkpUA69oIcT1VyowFioC4801sQKQ1EuAC0M1l6EjFfKVF8g51VY9isGzgboqLhLTimgRU9mYTOC215VA3A0cA%2BxGXslQ3U%2BqNj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 8346c15aed388ff8-FRA
expires: Sat, 30 Dec 2023 13:34:42 GMT

GET
H2 200 chunk-common.d5af39b6.js Show response
sport.video/static/dist/js/ Frame 1402 25 KB
6 KB 24ms
24ms Script
application/javascript 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/static/dist/js/chunk-common.d5af39b6.js
Requested by: Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1e03616bedff4880648617046129208a25f4627f1d925ae028852f8966570c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1041088
cf-polished: origSize=25368
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 12:52:22 GMT
server: cloudflare
etag: W/"65688586-6318"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9YeBMfWanhpfxdyMbfAfGRa%2BtPhayb8Z0uDQ4UH4f9sLttTPy%2BcJY8cz7iFaX0F2aI8%2Bf9e3lFEWABs1l51OJTBVmUECfl%2FQY2JZ7CZlCF5bc6PNQnm6YUcCrazJ9FdRr8bhmtXZcmw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 8346c15aed398ff8-FRA
expires: Sat, 30 Dec 2023 13:34:42 GMT

GET
H2 200 app.46683536.js Show response
sport.video/static/dist/ Frame 1402 169 KB
28 KB 29ms
29ms Script
application/javascript 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/static/dist/app.46683536.js
Requested by: Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae01f8f43fe49a67b0c07b286b464413510b68cccd86d5cc73dd8bf397c2b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1041082
cf-polished: origSize=172763
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 12:52:22 GMT
server: cloudflare
etag: W/"65688586-2a2db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPMYZ0OPplEYcb%2BK%2Bqog7Kltq302iztykF3rUUj%2B7ni1DpOUFeg2%2BhZLFWaSf9zPlWUFtSrSsTW9KT%2Fz3vxynFK1LczHyWJv18l6xpy3Ff76GJeFV27xe15YqR22VPZFERcSvMVl2aLR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 8346c15aed3a8ff8-FRA
expires: Sat, 30 Dec 2023 13:34:48 GMT

GET
H2 200 5004026.js Show response
js.hs-scripts.com/ Frame 1402 974 B
1 KB 147ms
130ms Script
application/javascript 2606:4700::6810:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/5004026.js

Requested by

Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c88237d2e57c3236880af4e946dbe5dab972d1420ed9b1136b348540fa4e6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1d19c08b-39f4-459f-bd9c-26d66e690971
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1d19c08b-39f4-459f-bd9c-26d66e690971
last-modified: Tue, 12 Dec 2023 14:35:13 GMT
server: cloudflare
x-trace: 2B3C0D527D164AE5AF1E09917E2E2A7726001D355F000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6ffdd984b9-tnh9w
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 8346c15baeea996f-FRA
expires: Tue, 12 Dec 2023 14:47:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1402 15 KB
979 B 62ms
61ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i|Roboto:400,500,700

Requested by

Host: sport.video
URL: https://sport.video/static/dist/css/app.7bc70055.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

436a47ff66d5d3a90c3ec0cee719ecadf3358d40aecb5d8914cb2b10d40baf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 14:46:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 14:46:10 GMT

POST
H2 200 api Show response
www.liqpay.ua/apiweb/checkout/init/ Frame E8A3 212 B
337 B 40ms
40ms XHR
application/json 75.2.86.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.liqpay.ua/apiweb/checkout/init/api
Requested by: Host: static.liqpay.ua
URL: https://static.liqpay.ua/libjs/jquery-3.6.3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.86.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8d9cbce969696280.awsglobalaccelerator.com
Software: nginx /
Resource Hash: ca26c6bf33f01ca401433609036c408087e7a67ae5cdb6f60603850e41305350

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.liqpay.ua/uk/checkoutjs?hostname=www.fmfu.org&port=&protocol=http%3A&uid=1702392369816&data=eyAidmVyc2lvbiIgOiAzLCAicHVibGljX2tleSIgOiAieW91cl9wdWJsaWNfa2V5IiwgImFjdGlvbiIgOiAicGF5IiwgImFtb3VudCIgOiAxLCAiY3VycmVuY3kiIDogIlVTRCIsICJkZXNjcmlwdGlvbiIgOiAiZGVzY3JpcHRpb24gdGV4dCIsICJvcmRlcl9pZCIgOiAib3JkZXJfaWRfMSIgfQ%3D%3D&signature=QvJD5u9Fg55PCx%2FHdz6lzWtYwcI%3D&embedTo=%23liqpay_checkout&language=ru&mode=embed
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: No-cache
date: Tue, 12 Dec 2023 14:46:10 GMT
cache-control: No-cache
server: nginx
content-length: 212
content-type: application/json; charset=utf-8

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame E8A3 34 KB
0 54ms
54ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.liqpay.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:16:33 GMT
x-content-type-options: nosniff
age: 77377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:16:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 1402 165 KB
60 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-THQWNMS

Requested by

Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e754f4eac3e664c0adfaf003ec7b4856a19ab809a673c791eee522e2aecedaea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61569
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Dec 2023 14:46:10 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1402 15 KB
15 KB 53ms
53ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i|Roboto:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sport.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 21121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:54:09 GMT

GET
H2 200 hotjar-1285856.js Show response
static.hotjar.com/c/ Frame 1402 9 KB
4 KB 63ms
47ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1285856.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THQWNMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

69bbd4ae26885bc66aa7338142c3be8b57175d8dfdaae1e370061e41288c3682

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 14:46:10 GMT
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/9a808849a501aeaad7cf68d0e098dbef
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Ww3qXPiXvH_xzl6etIW_QUJQyJy2IoZ9oNvVW9sp5rLjs4siivj4cw==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 1402 202 KB
53 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 14:46:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 2Un0oEYRC1PrUvXPIPsznJcAvTLOIN/YALvF8JIJQRKuyL/P7sCZ6VMTkIlpjFJY03a5qKJUxYSq9cZZH50K1A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1402 256 KB
87 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8EQ0QMHWR9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THQWNMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1196eded1521d7cca105b5bbe34cc00b87b38346e3aa6220fb750e6ecc619d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 14:46:10 GMT

GET
H3 200 340812641799690 Show response
connect.facebook.net/signals/config/ Frame 1402 133 KB
35 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/340812641799690?v=2.9.138&r=stable&domain=www.fmfu.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17cd961fa0198c5a1016826fdc1fc5e2aaf53ebbe6fd6c66ddbc7cfb539c330b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 12 Dec 2023 14:46:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: DUehraHpaD1OofXDinUSVm3DZlctRZplDQS6PVBalDR8Y9kuCI1fYQmDhajGY5zptF4IW88RydOlZ48DVVS6lg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 1402 129 KB
49 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-106775997-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8EQ0QMHWR9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37984708e526e856a5e83940f4434fdf1d903b4e749377a855e7208f97528936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50561
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 14:46:10 GMT

POST
H2 200 graphql Show response
sport.video/ Frame 1402 56 KB
4 KB 1028ms
1028ms Fetch
application/json 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sport.video/graphql

Requested by

Host: sport.video
URL: https://sport.video/static/dist/js/chunk-vendors.2ee4d79a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a829d62a78ed8a7401e258cdd22a29db836e109b478833c8c4bf833805e890b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept: */*
Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Tue, 12 Dec 2023 14:46:11 GMT
content-encoding: br
referrer-policy: same-origin
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-geocode: US
x-frame-options: DENY
cf-railgun: direct (starting new WAN connection)
content-type: application/json
vary: Cookie, Accept-Language, Authorization
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=licgUnOmmkQqx3QOvsBCjNcY5sMJ4b5aOYSTpDgMwUDgR%2BaxLm%2BHGZoC4%2Bqj0TwOAwexb7nCTdIb%2BRLb0Y%2BPKfbb5VfwI04JRaLL9cYhLQD%2B74FuRt%2FnfEuJcTmc%2F9I46hTwL5f4x14S"}],"group":"cf-nel","max_age":604800}
content-language: en
cf-ray: 8346c15d0fc88ff8-FRA

GET
H3 200 ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 1402 56 KB
56 KB 54ms
53ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i|Roboto:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0d02c04fe3bb456ed7318a162a6248bd481b6f8e955fecda064d7c0ad3d792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sport.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:48:04 GMT
x-content-type-options: nosniff
age: 50286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56996
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 00:48:04 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/5004026/ Frame 1402 65 KB
20 KB 351ms
336ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/5004026/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5004026.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f5174192fe5fbf3ea9107e55f30ee33830cb94ab9519a5755d5b45af2befc1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:11 GMT
x-amz-version-id: RGMwD6DcqPguVrN9nqRYFMOleVd78xR1
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 4ZXQY1VPH87VA3JK
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 15211df5-f6b4-4ba1-a7bf-d197a85846dd
x-envoy-upstream-service-time: 37
x-amz-id-2: b94GV2pgxbix7M69HcEzWD2ZhDfvRQDdfPT/63B81dODWUpC71KPAHMHGVNzXKIcDitnJ8Je1H0dMQbv/y3iCrzXPPqPPomsLh8cb48R5pE=
x-evy-trace-listener: listener_https
x-request-id: 15211df5-f6b4-4ba1-a7bf-d197a85846dd
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 18 Oct 2023 16:26:22 GMT
server: cloudflare
etag: W/"51cfc878f2c468483d12053f3ab2905e"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
vary: origin, Accept-Encoding
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-576b4d6667-7nqmg
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8346c15d9f4a9b71-FRA
expires: Tue, 12 Dec 2023 14:51:11 GMT

GET
H2 200 5004026.js Show response
js.hs-analytics.net/analytics/1702392300000/ Frame 1402 66 KB
21 KB 188ms
158ms Script
text/javascript 2606:4700::6810:50ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1702392300000/5004026.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5004026.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:50ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 021b0e32128b6f45758afa70955c4105f103cb5c6bc3b06065ef0f312e48aa94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:10 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 3235C1QFYW66E7MM
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 745d024c-586f-485a-95be-808b19785c58
x-envoy-upstream-service-time: 31
x-amz-id-2: 9qqTLSl/hZ00tp5RV4l7ExgIDJKbTQoWY2kyxu1kt3cSyHm+liF/lB42D64wUnVg7YQ6U5jrBVo=
x-evy-trace-listener: listener_https
x-request-id: 745d024c-586f-485a-95be-808b19785c58
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 15 Nov 2023 17:20:19 GMT
server: cloudflare
etag: W/"4f101cc64a498182a12b5c771f31654b"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fd6fb8679-wvt5r
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8346c15dbb4a198f-FRA
expires: Tue, 12 Dec 2023 14:51:10 GMT

GET
H2 200 modules.3a21fc8f657f3b8e388d.js Show response
script.hotjar.com/ Frame 1402 219 KB
55 KB 62ms
26ms Script
application/javascript 108.156.2.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3a21fc8f657f3b8e388d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1285856.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.2.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-2-20.mxp63.r.cloudfront.net

Software

Resource Hash

6ada98a3a91822b5e0f1a0523c302abcb41a512142e6cf92f61e598db9095961

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c205f74aa99b4a794fa57396e24414b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P4
age: 16024
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55538
last-modified: Tue, 12 Dec 2023 10:18:14 GMT
etag: "17ef78973b50641a4ae2770942cf511c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: B17Bi7IQCoAiU0ZNBvHIdnPvNqvHcuvpRekq0VZhKqhvado129vlAw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1402 52 KB
21 KB 177ms
57ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-106775997-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 13:48:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3476
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 12 Dec 2023 15:48:14 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 1402 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=340812641799690&ev=PageView&dl=https%3A%2F%2Fsport.video%2Fembed-game%2Fukraine-vs-romania-904012484%2Fff223f7b-1e51-4032-ae33-17043259e01c&rl=http%3A%2F%2Fwww.fmfu.org%2F&if=true&ts=1702392370808&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1702392370594&coo=false&rqm=GET

Requested by

Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 12 Dec 2023 14:46:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame 1402 45 B
1 KB 296ms
163ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=813894649&v=1.1&a=5004026&r=http%3A%2F%2Fwww.fmfu.org%2F&pu=https%3A%2F%2Fsport.video%2Fembed-game%2Fukraine-vs-romania-904012484%2Fff223f7b-1e51-4032-ae33-17043259e01c&t=Ukraine+vs.+Romania+-+1%3A1&cts=1702392371162&vi=49a6b4bdcec6112e34b6167f2b1472d8&nc=true&cc=15

Requested by

Host: www.fmfu.org
URL: http://www.fmfu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7f3ada23-a801-48a4-9fb6-575adddbeb7f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 14
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7f3ada23-a801-48a4-9fb6-575adddbeb7f
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXeiXIVMdAHtDV3ibADSGhtddK2JafdKSENBNBQJbFxNYp9fZEExB8fe9G1%2BAaEiPjor%2F%2BtwG9geWVegPRmR8Qqu0dyS29RuEK5LbYMVXejCnd1BwebjOU%2FJfpnEbxswOiar4JopQMBE2AWpNO8M"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7556df69f8-cnv5j
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8346c1609d9018eb-FRA
x-robots-tag: none

POST
H2 204 ngx_pagespeed_beacon Show response
sport.video/ Frame 1402 0
397 B 58ms
58ms XHR
text/plain 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/ngx_pagespeed_beacon?url=https%3A%2F%2Fsport.video%2Fembed-game%2Fukraine-vs-romania-904012484%2Fff223f7b-1e51-4032-ae33-17043259e01c
Requested by: Host: sport.video
URL: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 12 Dec 2023 14:46:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-geocode: US
cf-railgun: direct (starting new WAN connection)
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XWiLBN3FHS9lzr26t9xU%2FFqTgXD9nuvWmRpfBVyFivARY76g8pHZ4abCn%2FuBV5n7sGIbNLh7hcOmpgAQLZ20WMRoipUGow1%2FHH62acsJ%2BjTTuhS3XT%2Fhs58PiDGAB9nIJMH6kvWJKWP"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, no-cache
cf-ray: 8346c1606bad8ff8-FRA

GET
H3

200

/
www.facebook.com/login/ Frame C8A3
Redirect Chain

https://www.facebook.com/v2.8/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2081373cd08cc8%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

115ms
115ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2081373cd08cc8%2526domain%253Dwww.fmfu.org%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fwww.fmfu.org%25252Ff2551bf3377d5e8%2526relation%253Dparent.parent%26container_width%3D329%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fukraineminifootball%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=2f818b7651c1620edce6b3c45b37fa11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.fmfu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 12 Dec 2023 14:46:11 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: yML4oCk2SIY+6WXgcnWOtctMMrc3Ybo6kTHL5yWVBg1q9teABjxGj7RqPfFKqVOqFC7tOt3DRudvGV40nxzjFg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 14:46:11 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2081373cd08cc8%2526domain%253Dwww.fmfu.org%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fwww.fmfu.org%25252Ff2551bf3377d5e8%2526relation%253Dparent.parent%26container_width%3D329%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fukraineminifootball%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D500
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
priority: u=0,i
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: kwE0NLjuD1/jBKgR8jsVRlrilJtZe1d5H6D/SBhUhgwUmrNWFcUULckErFSDoqSB3j3GrS6wxgVQtLt23B9/VQ==
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1402 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 default.png
sport.video/static/images/ Frame 1402 4 KB
5 KB 22ms
22ms Image
image/webp 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sport.video/static/images/default.png
Requested by: Host: sport.video
URL: https://sport.video/static/dist/css/app.7bc70055.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68483d5be68c4a5206271716c3e6986f617f51ecebd334ee8732e4eafdad44b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sport.video/static/dist/css/app.7bc70055.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 967674
cf-polished: origFmt=png, origSize=9295
content-disposition: inline; filename="default.webp"
content-length: 4128
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "65688586-244f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6wu6i3ToTq1Fc3B6Bl%2BG7P3qVR27UzGhSMqFBY5HUO2%2F4MMQqthD8DVOQ%2BxOH6U4i9oX0YrZ0c7aRtrlj7Jw37Thg0Sg%2FJzDUnPtsiBpbO%2BZwM681kGjItlqpmyQRcK1uSMMu0tMl1%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 8346c1639f268ff8-FRA
expires: Sun, 31 Dec 2023 08:10:42 GMT

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 1402 50 KB
50 KB 54ms
53ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i|Roboto:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sport.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:29:10 GMT
x-content-type-options: nosniff
age: 285421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 07:29:10 GMT

GET
H2 200 icomoon-sportvideo.46f63353.woff2
sport.video/static/dist/fonts/ Frame 1402 29 KB
29 KB 46ms
45ms Font
font/woff2 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/static/dist/fonts/icomoon-sportvideo.46f63353.woff2
Requested by: Host: sport.video
URL: https://sport.video/static/dist/css/app.7bc70055.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d54303a82919f59760f3423b0f7dfc8b661fcab1600b5434f270fb6ffc856936

Request headers

Referer: https://sport.video/static/dist/css/app.7bc70055.css
Origin: https://sport.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:11 GMT
cf-cache-status: EXPIRED
last-modified: Thu, 30 Nov 2023 12:52:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65688586-7244"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQSEbPawFKSvPrpJJZVkitpi6%2FKw2QxhauERLHyfi10q5iUeE24HjGxEiGfnZ8GUu2nZ04nFnJ%2B6li7AQkiopkP8OkaEKd1XYbanuUdqvY%2BJT4CE76nCZtvczDP4XmqFGKyv%2B%2FNkQWlO"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000, public, s-maxage=10
accept-ranges: bytes
cf-ray: 8346c1639f298ff8-FRA
content-length: 29252
expires: Thu, 11 Jan 2024 14:46:11 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1402 15 KB
16 KB 64ms
63ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i|Roboto:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sport.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 338810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 16:39:21 GMT

GET
H2 200 fa-regular-400.8d9ab84b.woff2
sport.video/static/dist/fonts/ Frame 1402 15 KB
15 KB 48ms
47ms Font
font/woff2 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/static/dist/fonts/fa-regular-400.8d9ab84b.woff2
Requested by: Host: sport.video
URL: https://sport.video/static/dist/css/app.7bc70055.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f

Request headers

Referer: https://sport.video/static/dist/css/app.7bc70055.css
Origin: https://sport.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:11 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 30 Nov 2023 12:52:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "656885a6-3a28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9qXHyS0bP%2B93%2Bn6ReJcdzLo%2FHOOKD8AdTu0DbdJZdDzDobicVXeQ7oJwQ%2Bwo3uI0XAV4JpymSGyPek7UHLJFMZuN8VqzD5PQCYSwOQwxXvWNTqo0N7z7MKaHPtT1xdrgA3aIDXRJVLx"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000, public, s-maxage=10
accept-ranges: bytes
cf-ray: 8346c1639f2b8ff8-FRA
content-length: 14888
expires: Thu, 11 Jan 2024 14:46:11 GMT

GET
H2 200 fa-solid-900.b75b4bfe.woff2
sport.video/static/dist/fonts/ Frame 1402 61 KB
61 KB 41ms
41ms Font
font/woff2 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/static/dist/fonts/fa-solid-900.b75b4bfe.woff2
Requested by: Host: sport.video
URL: https://sport.video/static/dist/css/app.7bc70055.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Referer: https://sport.video/static/dist/css/app.7bc70055.css
Origin: https://sport.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:11 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 30 Nov 2023 12:52:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65688586-f408"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEGie4t7QilHnnSYsNWFXWNfYuUZZUVkM00lqDEcZnrnozwLy6q%2BOCWAg9Pl4rDGRNiCAxEf4mVCGkuol%2BA04FhyGSYBPbmn6OMhYSOMHTCFWMogbAhte14HxJc1C4EkqhjU%2BRflznk%2B"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000, public, s-maxage=10
accept-ranges: bytes
cf-ray: 8346c1639f2d8ff8-FRA
content-length: 62472
expires: Thu, 11 Jan 2024 14:46:11 GMT

GET
H2 200 ukraine.png
sport.video/media/club_logos/ Frame 1402 289 B
643 B 42ms
41ms Image
image/png 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sport.video/media/club_logos/ukraine.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8851deca96d31533f1e3fcd60431d19fee380e49d0033532f9a338eedf4a6e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:11 GMT
cf-cache-status: MISS
last-modified: Tue, 21 May 2019 11:43:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ce3e45c-121"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztmZLbdNzvv%2Bhxk1XWmCIJBUx%2BD%2Bq2bqHplRruYzpR1%2BIwm8A0JyR3s3Z6eVlwcKcGs4hvKnZdfluPMuwkcjSho4xr9uZlrKrUZVkB1SBI5lO7qitWqs2WkRkshFCZ4j4hLEFFjnxY2m"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, s-maxage=10
accept-ranges: bytes
cf-ray: 8346c163df618ff8-FRA
content-length: 289
expires: Thu, 11 Jan 2024 14:46:11 GMT

GET
H2 200 Romania.png
sport.video/media/club_logos/ Frame 1402 276 B
687 B 55ms
54ms Image
image/png 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sport.video/media/club_logos/Romania.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c7d9ed42f8f8168255faee1d5e83cae6c9d36c5bd8c44e0e2e1dfa584b58f4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sport.video/embed-game/ukraine-vs-romania-904012484/ff223f7b-1e51-4032-ae33-17043259e01c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:11 GMT
cf-cache-status: MISS
last-modified: Tue, 21 May 2019 20:35:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ce46108-114"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FFXyHjvE8z7pzL5AS4NmlYC2xOH1BnM9TQnXrUBS79kO%2FGiU3RzvsiyKvEgQzXtSdCyMuxfdbFgWVV8R%2BfzhjWVVWhKfK87r78qszLiIYZmI3r0xNwPE3BHX6nvRIoZFCndG%2Bcxzhdf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000, public, s-maxage=10
accept-ranges: bytes
cf-ray: 8346c163df658ff8-FRA
content-length: 276
expires: Thu, 11 Jan 2024 14:46:11 GMT

GET
H3 200 bridge3.608.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2564 750 KB
240 KB 51ms
51ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 394689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 245949
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 01:08:02 GMT
expires: Sat, 07 Dec 2024 01:08:02 GMT
last-modified: Wed, 06 Dec 2023 01:36:01 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1402 44 KB
17 KB 237ms
121ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 14:46:12 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9B81 40 KB
14 KB 167ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 12 Dec 2023 14:50:34 GMT

GET
H2 206 ff223f7b-1e51-4032-ae33-17043259e01c.mp4
video.sportvideos365.com/minifootball-federation-ukraine/ Frame 1402 5 MB
5 MB 1125ms
729ms Media
video/mp4 2606:4700:3038::6815:eb22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sportvideos365.com/minifootball-federation-ukraine/ff223f7b-1e51-4032-ae33-17043259e01c.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 243d1027ea9f1e23b99e895187236ce9f1f90d2948a669cb6d71a77f5fd82ea1

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 12 Dec 2023 14:46:12 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
x-amz-storage-class: INTELLIGENT_TIERING
Content-Range: bytes 0-4815989/4815990
alt-svc: h3=":443"; ma=86400
Content-Length: 4815990
last-modified: Sun, 26 May 2019 12:54:24 GMT
server: cloudflare
etag: "e342a2a6f59dd2ebdb30e29156c410f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPJtzulmD1r5RmoN4fc%2FoRfXWiZpKuvh%2BtOUrc96HxSV%2B2Ws2eqMhQJnj1Y0s%2FvPJcbQrw2A0odnycpnEcTm4LxloLBAbTdB9hutWQCci1gOMLQ3vdhC%2B2jj7os7BJ2awHT71AF089pxp%2FKfXvsmIadZSXC2W74%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=31536000
cf-ray: 8346c166cbb839b8-IAD
expires: Wed, 11 Dec 2024 14:46:12 GMT

GET
DATA 200
OK truncated
/ Frame 1402 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://sport.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 MaterialIcons-Regular.570eb838.woff2
sport.video/static/dist/fonts/ Frame 1402 43 KB
44 KB 49ms
49ms Font
font/woff2 2606:4700:20::ac43:4789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sport.video/static/dist/fonts/MaterialIcons-Regular.570eb838.woff2
Requested by: Host: sport.video
URL: https://sport.video/static/dist/css/app.7bc70055.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer: https://sport.video/static/dist/css/app.7bc70055.css
Origin: https://sport.video
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:46:11 GMT
cf-cache-status: EXPIRED
last-modified: Thu, 30 Nov 2023 12:52:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "656885a6-ad0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2vHJ4Mx1AZU3jNVICpOpc72CCKLPLiO7XKGaPyO3a1u6ijyuYxZdDwoQi5cADjUXPiLs9xGt6avRJaUII2lE5zgRh105MZeeWM5t6K31hW3yG5civmPfcPeKdITwcwBQ9Bu31wLmF%2FR"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000, public, s-maxage=10
accept-ranges: bytes
cf-ray: 8346c1640fa08ff8-FRA
content-length: 44300
expires: Thu, 11 Jan 2024 14:46:11 GMT

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fmfu.org/	1970-01-20 19:02:48	Name: _fbp Value: fb.1.1702392370029.532075475
.fmfu.org/	1969-12-31 23:59:59	Name: _rsportz-a-new-hope_session Value: VC9EYXo1Njk2MzRXYnQrTFY2T2xoSXRIZzhybFh1Q3doODFlT1l2WG9TUjh3MVVEVDd4ZlIwdGI1VG84MWZZdTRUb2d6Tng4TTF4bUl0WHQyWmJnTW1IbGg3S2l5Y1k0Qk52MUVwRkdoTjYya3Bia085TjNWN2t6T1FiNXdIYVRLbTE0MTZWRmExTGhxMENnMkgzejJ5aEdFYURtcUJVMGZHdVdOZFJMWlkvWnBxUW9XbThnRnp5N0ZzWFhCbHluSi9tR0JCL1E0RmtHMGkzeXE0SUdOc3NHTHE0WDV0RGJMcTRzWnYrY0pPWWtuRzlERjJYaGtOYVpBOXBVQU13bjZ2czhuU3BXTlZvRWl3T3owVHBQUDBGZ0N2SUl3RnN2TjVKaEFMZnhIdXhEOTNvSjBheXJkNFdGeXQzS1hvNUFGZkp3N3VwcktsYi9NMTVncXJkblFVRjJ2cWNGL21SaGF6TjZpSklSdnNxU29FWWdZQkJJdlpLU1drZ3MwREM1QlZ4RGlFdjlpbFo2ZmRqbU03VTd1UT09LS1wc3ZJa1IzTm15b0Q5WmkxZ2ZPa0xnPT0%3D--4c146517e499ee66a6abecbcece5125076a1470b
.doubleclick.net/	1970-01-20 16:53:13	Name: test_cookie Value: CheckForPermission
.fmfu.org/	1970-01-21 02:29:12	Name: _ga_G6R3H6YCR9 Value: GS1.1.1702392370.1.0.1702392370.0.0.0
.fmfu.org/	1970-01-21 02:29:12	Name: _ga Value: GA1.1.965322388.1702392370
.sport.video/	1970-01-21 01:38:48	Name: _hjSessionUser_1285856 Value: eyJpZCI6IjQ2OTM4OThjLTRhMjItNTM0Yi1hZTFkLTUxYjE0ZGMzYjRhMSIsImNyZWF0ZWQiOjE3MDIzOTIzNzA5MDEsImV4aXN0aW5nIjpmYWxzZX0=
.sport.video/	1970-01-20 16:53:14	Name: _hjFirstSeen Value: 1
.sport.video/	1970-01-20 16:53:14	Name: _hjIncludedInSessionSample_1285856 Value: 0
.sport.video/	1970-01-20 16:53:14	Name: _hjSession_1285856 Value: eyJpZCI6IjFjZTk4ZTRhLWYwYzctNGFhNy1iZTllLWY4NWQxNWE2ZmQ1NyIsImNyZWF0ZWQiOjE3MDIzOTIzNzA5MDEsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.sport.video/	1970-01-20 16:53:14	Name: _hjAbsoluteSessionInProgress Value: 0
.hubspot.com/	1970-01-20 16:53:14	Name: __cf_bm Value: jOgrorvsokWO8SFyYJD_EG_HkpSosPHTPMPkS6wNUG8-1702392371-1-ARhpjoS1hHLU0YjdAMr7uhH02iUhUstqPK2CLvXfKVbh4rKg0JCoyg+8jNunET8Tajt17OottV+WItfxbm4kglE=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: cNOSeAOEn6z8z7tb2nA3ENx20K5dr12GSgpRj6yx3n4-1702392371449-0-604800000

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kit.fontawesome.com/a076d05399.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: http://static.liqpay.ua/libjs/checkout.js Message: Allow attribute will take precedence over 'allowpaymentrequest'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.polyfill.io
clients1.google.com
connect.facebook.net
cse.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
kit.fontawesome.com
luca-asia.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
picua.org
platform.twitter.com
ppcalc.privatbank.ua
region1.google-analytics.com
rsportz.com
s0.2mdn.net
s3.amazonaws.com
script.hotjar.com
sport.video
stackpath.bootstrapcdn.com
static.hotjar.com
static.liqpay.ua
syndication.twitter.com
track.hubspot.com
video.sportvideos365.com
www.facebook.com
www.fmfu.org
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.liqpay.ua
www.recaptcha.net
104.244.42.200
108.156.2.20
13.32.121.31
13.32.121.62
16.182.96.8
18.66.97.49
2001:4860:4802:34::36
216.58.206.34
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:8f0
2606:4700:20::ac43:4789
2606:4700:3038::6815:eb22
2606:4700:4400::6812:22e5
2606:4700:4400::ac40:93bc
2606:4700::6810:50ba
2606:4700::6810:bd59
2606:4700::6812:bcf
2606:4700::6813:9b53
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::282
3.33.193.16
75.2.86.201
92.205.88.213
99.80.159.202
021b0e32128b6f45758afa70955c4105f103cb5c6bc3b06065ef0f312e48aa94
0257bf34c57cc8c15e49150d34ae29daa4bb2599eaea09665d393ad9c07bf6b1
037fe41a1e5010d3606a04609554f6711734dd91ef1a0acb5bd92141e2e5275d
080b53cfe93346432e962a67712bcba0c54d83e98e921574700084227cd37cb4
0e25908553614eb28deac58b782f209534da7b8d74fc65217e1eb6d2d8bc002d
0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f
1196eded1521d7cca105b5bbe34cc00b87b38346e3aa6220fb750e6ecc619d25
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
12f0c7dba1f5ea3baa784019e07b09b83f5aa686746fc5d6355c5282befbcd37
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
17cd961fa0198c5a1016826fdc1fc5e2aaf53ebbe6fd6c66ddbc7cfb539c330b
2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30
243d1027ea9f1e23b99e895187236ce9f1f90d2948a669cb6d71a77f5fd82ea1
2a512c4bef9d261e63d11a5bac4bab003495547aca6d807d165ec41f51548a94
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
30a6b72ed3826451d49419a263092579df6b5e8929449a1eae79cd4e67353572
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3516db9828f5721d8e2c19984c02a7366f6303ee8e4d5d232a7a89186e73ff59
37984708e526e856a5e83940f4434fdf1d903b4e749377a855e7208f97528936
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
436a47ff66d5d3a90c3ec0cee719ecadf3358d40aecb5d8914cb2b10d40baf29
448ef0632211ba18d7c1557a6d22250820ac3b4465ba2e73b7137f4dc4a31a12
452a5f58a07e278c736f43d57668769c2b4f87e21f1b6845161d671b2eb47ffd
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4aa852b36c64f6780d195663a1562d56fceecc4b7cbfd464ebcc2d2647b29864
4e0d02c04fe3bb456ed7318a162a6248bd481b6f8e955fecda064d7c0ad3d792
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5255a46d5e25c25eb2c18cb3159654dbe7c9e0c59e1574f8a6c229d4a9499cdf
59f2939d3343ece8aaad6c2c4a399ae28921fa844b9f9add5dde17c87599df82
5ae01f8f43fe49a67b0c07b286b464413510b68cccd86d5cc73dd8bf397c2b1b
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5c94b86e1a9f98bed26116bdc4a06a58548a133311a87edc968cfe17ae127d8b
5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283
61f631c90fc08c6305c0f6a6a881017b1d4fa87f40dcc43a97fbbd42e13cb2b5
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63b5e197fdd9d1746408a5af0ab1bacf1c63375c8070d4b72d8f1a7cd455cc54
68483d5be68c4a5206271716c3e6986f617f51ecebd334ee8732e4eafdad44b1
69bbd4ae26885bc66aa7338142c3be8b57175d8dfdaae1e370061e41288c3682
6ada98a3a91822b5e0f1a0523c302abcb41a512142e6cf92f61e598db9095961
6c88237d2e57c3236880af4e946dbe5dab972d1420ed9b1136b348540fa4e6fd
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
70c769ceeabaa1caf851c29d5f6018eab003646a7676cafc237e33265ee32cc3
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
746dc44a8ba8a1283a1bd78aace6759f43d765b8c8ac7030a550dee750921513
756cca29e306e66f94e7b705c45bb0bc0315d7e745c159971cbecc65e62e7d3f
774fe339579ce96175d949337d33a2751f75f1b7ba5e1e85ce86d7aee0f8a652
7c7d9ed42f8f8168255faee1d5e83cae6c9d36c5bd8c44e0e2e1dfa584b58f4f
7f5174192fe5fbf3ea9107e55f30ee33830cb94ab9519a5755d5b45af2befc1b
8851deca96d31533f1e3fcd60431d19fee380e49d0033532f9a338eedf4a6e9b
8989b2225575c9729a39174fbafc4046533256260726bc07a890328acbcc9aeb
8f60980bbf3cf6ed5e453168d96f5a57502867990de779bddf251810fb447cc2
93c9b0c2e8b47042c9f1cff90e635f3fe72d3a0384ea73b0a122dd28dd33316d
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
97c5d9b4c0b1ba551303ea93f021e1132c602bcdb7367c270d083b4240fea8d7
97d06bd7b958f09ace94a6d29cafd5aae171dfd97fc384a2164936fc80cae48c
99f96f2824786dfc51cb1f254e0b5016f15e357bafec5b5277266648d54de113
9cb0f463f19758437948bdeafd5559f116fd214dc058534e18831475361eb4ca
9cc14a0b9e4a87c109776687bf877909545e03462c9d251b3ee262b334fec8e1
a1e03616bedff4880648617046129208a25f4627f1d925ae028852f8966570c1
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a829d62a78ed8a7401e258cdd22a29db836e109b478833c8c4bf833805e890b5
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b13d4ba577f8a1e50ca84576732bd47c5608583931791b476d06bf7bed513585
b1402bc42ab1bd301e1c2ee849b9a42cf99b85f23bde6552ae67d5c3294f330f
b69184be212bad696ea45206e86fa3927e1a9ee89a32d619321dedbdcca7880b
b746c8cbf21a12e8b97e410c587d4a4f8737bfaade75add50a7201b5f6e1b071
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716
c9211b98042b17907d74bb76aa84613fe8d9dec0208003af8082899a662a00c4
ca26c6bf33f01ca401433609036c408087e7a67ae5cdb6f60603850e41305350
cf6a7b907df6ae05528faa73129cc73cd039d8ed6e08db3d40f94a3fc7a57a86
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d17552a2dd58d4da4549092664fae6ac8c8f715282d9a3af826caa2a8ebedfd1
d4615c0510337a49be29bb6e897b10478c2e2cec142aefaa401e78aa69dc554b
d54303a82919f59760f3423b0f7dfc8b661fcab1600b5434f270fb6ffc856936
d7f2d0a47fdf905825cc214c922e4996950aaed9d5f9b5653e75d6aea66f09c0
d8c3ac3d285f3208da1ecf9d526cf4fd9c38e5ca66a5f721b0d363557aa21b7e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc951d5d6ba7d78f8bfecc57e1d56d984b5663ad0baab32a9e0a1631a991de78
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd7ef3d24149a66c59a60d1c152191f352a5632c3ce0960fd949d0cb12f0ea0f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e10526306fa90999a7f3ff310b8d9126588d9a1b9f11fca77dc2aa069145eaaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e4b292b01c63b6330f938b78f2ce00947b1ed0708030a843fd89c639b344a4
e5ef063f6733681e8b902f775c02455c69d9086725889adb70549fa2ed8696e8
e754f4eac3e664c0adfaf003ec7b4856a19ab809a673c791eee522e2aecedaea
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e7fdb5360d6ed3288ce0dbbf9af793faa9a18a46510271939959fbfc860f4f44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c45956f268b43907b8bab881160afc735d427a35e43d355cc360394bc72972
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8cfc8ca6ea9a8dd8fee4f7842d9eba2d6984709ad1e51327eae1247d275dbab
fa04db3d753c82305707002601525a39396c652d40abb527c975c5b2cb32e4b8

www.fmfu.org Open in urlscan Pro 99.80.159.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

117 Requests

88 %HTTPS

71 %IPv6

31 Domains

40 Subdomains

38 IPs

4 Countries

25390 kBTransfer

36471 kBSize

12 Cookies

7 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fmfu.org Open in urlscan Pro
99.80.159.202 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

88 %
HTTPS

71 %
IPv6

31
Domains

40
Subdomains

38
IPs

4
Countries

25390 kB
Transfer

36471 kB
Size

12
Cookies

117 HTTP transactions
2 data transactions