capital-one-march-madness-2024.prod.fooji.com Open in urlscan Pro
2600:9000:237d:ba00:1d:c286:3240:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://capital-one-march-madness-2024.prod.fooji.com/
Effective URL:
https://capital-one-march-madness-2024.prod.fooji.com/
Submission: On March 26 via api (March 26th 2024, 1:13:13 am UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 41 HTTP transactions. The main IP is 2600:9000:237d:ba00:1d:c286:3240:93a1, located in United States and belongs to AMAZON-02, US. The main domain is capital-one-march-madness-2024.prod.fooji.com. The Cisco Umbrella rank of the primary domain is 746734.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 19th 2023. Valid for: a year.

This is the only time capital-one-march-madness-2024.prod.fooji.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2600:9000:237... 2600:9000:237d:ba00:1d:c286:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	192.229.133.221 192.229.133.221	15133 (EDGECAST) (EDGECAST)
2	2606:4700:e6:... 2606:4700:e6::ac40:cf26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
8	3.142.105.128 3.142.105.128	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
2	2600:9000:237... 2600:9000:237d:ea00:1a:eb80:1680:93a1	16509 (AMAZON-02) (AMAZON-02)
41	12

16 2600:9000:237d:ba00:1d:c286:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

capital-one-march-madness-2024.prod.fooji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.133.221 (United States)

ASN15133 (EDGECAST, US)

www.w3schools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.142.105.128 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-105-128.us-east-2.compute.amazonaws.com

front-end-api.prod.fooji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:237d:ea00:1a:eb80:1680:93a1 (United States)

ASN16509 (AMAZON-02, US)

auth-api.prod.fooji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	fooji.com capital-one-march-madness-2024.prod.fooji.com — Cisco Umbrella Rank: 746734 front-end-api.prod.fooji.com — Cisco Umbrella Rank: 824606 auth-api.prod.fooji.com	2 MB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 666	187 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1803	328 B
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 1144	131 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 108	165 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1746	8 KB
1	gstatic.com www.gstatic.com	199 KB
1	w3schools.com www.w3schools.com — Cisco Umbrella Rank: 33949	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 5	1 KB
41	9

	Domain	Requested by
16	capital-one-march-madness-2024.prod.fooji.com	capital-one-march-madness-2024.prod.fooji.com
8	front-end-api.prod.fooji.com	capital-one-march-madness-2024.prod.fooji.com
4	maps.googleapis.com	capital-one-march-madness-2024.prod.fooji.com maps.googleapis.com
2	auth-api.prod.fooji.com	capital-one-march-madness-2024.prod.fooji.com
2	region1.google-analytics.com	www.googletagmanager.com
2	sessions.bugsnag.com	capital-one-march-madness-2024.prod.fooji.com
2	www.googletagmanager.com	capital-one-march-madness-2024.prod.fooji.com www.googletagmanager.com
2	use.fontawesome.com	capital-one-march-madness-2024.prod.fooji.com use.fontawesome.com
1	www.gstatic.com	www.google.com
1	www.w3schools.com	capital-one-march-madness-2024.prod.fooji.com
1	www.google.com	capital-one-march-madness-2024.prod.fooji.com
41	11

This site contains links to these domains. Also see Links.

Domain
fooji.com
fooji.info
images.prod.fooji.com
3719b8e5-bbb2-48ec-b39b-d4eb747db867.prod12-care.sprinklr.com

Subject Issuer	Validity	Valid
prod.fooji.com Amazon RSA 2048 M02	`2023-07-19` - `2024-08-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.w3schools.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-04`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-20` - `2025-04-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://capital-one-march-madness-2024.prod.fooji.com/
Frame ID: F7CF32FB63F836CF714EC1BC5B970275
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Participate in the Capital One - March Madness 2024 campaign from Capital One, powered by Fooji

Page URL History Show full URLs

http://capital-one-march-madness-2024.prod.fooji.com/ HTTP 307
https://capital-one-march-madness-2024.prod.fooji.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

41
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

11
Subdomains

12
IPs

2
Countries

2939 kB
Transfer

4070 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://fooji.com/company/cookies-policy
Title: Cookies Notice

Search URL Search Domain Scan URL

URL: https://fooji.info/CapitalOneMarchMadness24Rules
Title: https://fooji.info/CapitalOneMarchMadness24Rules

Search URL Search Domain Scan URL

URL: https://images.prod.fooji.com/original/organizations/129/campaigns/2287/published/click_here_for_promotional_rules-e4d2bf0.pdf
Title: official rules

Search URL Search Domain Scan URL

URL: https://fooji.com/company/terms-of-service
Title: terms

Search URL Search Domain Scan URL

URL: https://fooji.com/company/privacy-policy
Title: privacy

Search URL Search Domain Scan URL

URL: https://3719b8e5-bbb2-48ec-b39b-d4eb747db867.prod12-care.sprinklr.com/
Title: need help?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://capital-one-march-madness-2024.prod.fooji.com/ HTTP 307
https://capital-one-march-madness-2024.prod.fooji.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
capital-one-march-madness-2024.prod.fooji.com/
Redirect Chain

http://capital-one-march-madness-2024.prod.fooji.com/
https://capital-one-march-madness-2024.prod.fooji.com/

4 KB
5 KB

725ms
626ms

Document
text/html

2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b9c848ee6cecf113f4e9ff0f14903c2bd4502b7049a05c989ec263920dd6417c

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 4248
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
content-type: text/html
date: Tue, 26 Mar 2024 01:13:07 GMT
etag: "628fa42d91a83079792e301a9b7c1bc1"
last-modified: Tue, 19 Mar 2024 18:02:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-cf-id: mkbvYv7FTVgpQ9nG_P_JWdX4wSBU8FXMyMe6h1oUDQ-LXRB_b6J0Fg==
x-amz-cf-pop: MUC50-P2
x-amz-id-2: BYrPX6pxFbBkVuZ5z3dhXGAJA4Mn9lGr25cIhZxN2JRWwL+xBXHY7ysGXLIiOWDDF0rhObXMGE8vHCJ1r2O5WA==
x-amz-request-id: T53HQSZ4T53HP14P
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Location: https://capital-one-march-madness-2024.prod.fooji.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 81ms
31ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=recaptchaOnLoadCallback&render=explicit

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

782c8afb6e5b7da2d577f9c2181405e98a765d3668cfba671e6731848bc6ac1f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 26 Mar 2024 01:13:07 GMT

GET
H2 200 w3.css
www.w3schools.com/w3css/4/ 23 KB
5 KB 99ms
20ms Stylesheet
text/css 192.229.133.221
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.w3schools.com/w3css/4/w3.css

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.221 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6796) / ASP.NET

Resource Hash

c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding: gzip
date: Tue, 26 Mar 2024 01:13:07 GMT
last-modified: Mon, 25 Mar 2024 10:03:00 GMT
server: ECS (frb/6796)
age: 6929
etag: "0a2329e9b7eda1:0+gzip"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=14400,public
accept-ranges: bytes
content-length: 5256
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;

GET
H2 200 8738594ce5.css
use.fontawesome.com/ 1 KB
869 B 103ms
37ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/8738594ce5.css
Requested by: Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7908ab6e2cbbd15085f3d0f8c18794e9336e35c82d4e8d7f1f4dfa5fe988d2d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:00:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5845
etag: W/"5dc00ecc8423d47342d9113428e01a73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OcbzM1zQdlOEnoYlmtvav%2FRMPJ7bKluawNAIDEba4ZLhlI1QAe4ocpl9YUfqZ0W5zPDlifkMcqk4QFz7uxdf16%2BhVhLZdRI3b5uKh4RfuzgHKWcQtdatnHSP69J4qST5mnO%2F8UkEzOrTRs6nj0dEYs8J"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 86a346bbcf4e0e08-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 mobile-8e33fcf6.css
capital-one-march-madness-2024.prod.fooji.com/style/ 77 KB
78 KB 478ms
477ms Stylesheet
text/css 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/style/mobile-8e33fcf6.css

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

344f23eabc12aa90de531dcf81849a3df2a2711cccf3ab69d0836fd44719f168

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:08 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: KMX22QH26X7MNPSW
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 78557
x-amz-id-2: 7mqVDoYrNLuQ8bFn4M4q439HWWRuH6dhJNsXctpgSuoFWQPkB/Dh3OADbsoLCW9fI2/mZ7SttYo=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:59 GMT
server: AmazonS3
etag: "2e0e6f0886a9e1f9884e9a0ee7540050"
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: 605YB7S7lwADgmzXQdK_y_sD69nviGfsjwvccEBPFUNWx91r_pHMRw==

GET
H2 200 desktop-efda87b8.css
capital-one-march-madness-2024.prod.fooji.com/style/ 31 KB
32 KB 514ms
514ms Stylesheet
text/css 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/style/desktop-efda87b8.css

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

05f3754835ca997193932b168da3645108a9e7b31622a234431a1465a0b5a28b

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:08 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: KMX6487CG7ZCPEVH
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 32141
x-amz-id-2: sExzMQx40TwWaxXC8/1P03hDZcgwqOdwDxWTWMcQSQdWSXSKCPFZT/lqakJYny2aZ4ngreP1LYI=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:59 GMT
server: AmazonS3
etag: "ea7aca9b3f70b0ffeea166028b241eae"
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: it_M6t5eBtucjvnX-NjfRy5pLB5BOV3zIFamIKJJOq71YwtDIESkcw==

GET
H2 200 fooji.capital-one-march-madness-2024-06257247.js Show response
capital-one-march-madness-2024.prod.fooji.com/js/ 2 MB
2 MB 531ms
530ms Script
application/javascript 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/js/fooji.capital-one-march-madness-2024-06257247.js

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7b54fd177b47a30c964423b2d08ef14e409ee62c38352181bbb6d73f14df875

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:08 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: KMX2WEZJRV1FCD7Q
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2054286
x-amz-id-2: LtD3cPAYgnn3ZLjDKX+2vmRc5MObqYl0NMDeeV4lIxYIqwvboa3uJ3I8eD+0el913Z6IDON+DYk=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:54 GMT
server: AmazonS3
etag: "c4425f55e605857de92c836d03734314"
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: MJWD8D6YamAmpMeqqUv37XIzFggttCabBL19sNvL7Blrk6oxYEpeQg==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ 499 KB
199 KB 64ms
19ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=recaptchaOnLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
Origin: https://capital-one-march-madness-2024.prod.fooji.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 24 Mar 2024 17:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203033
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Mar 2025 17:51:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
70 KB 86ms
38ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFMS4FR

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3d5bde7896477d3003cce0380749d3f15038d26ab9bb40d31139943cccaa7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71041
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Mar 2024 01:13:07 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 35ms
35ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/8738594ce5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.fontawesome.com/8738594ce5.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1067427
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vxlD%2FtmzYRJ1L3VRHCpNIm%2FmvRhrVwLO88VX9QiGUKzM%2F8e%2Be4ALmfewuUPJPNTI%2BAH%2BMr5KCR21xAzmveydjcDW7BgR7Lhq8FVvSWm6Tm9lOTbzDKmBD7lHel%2B92AUJbt%2BFT2vLgXDfMYhhwSboHQvn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 86a346bbff630e08-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
96 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LTC8MYVBV4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFMS4FR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aba13871cc3cc0c111578e1a9b85f9a1b5c6e8edddc0d65923c1571e566a7dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97802
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 01:13:07 GMT

GET
H2 200 background_grid.svg
capital-one-march-madness-2024.prod.fooji.com/img/ 298 B
1 KB 523ms
521ms Image
image/svg+xml 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/img/background_grid.svg

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/style/desktop-efda87b8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a814abaeaf1dade15c5dfd1d60221577d8f44c34849f886cd8f7aae6c85b446

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/style/desktop-efda87b8.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:08 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: 6KV3YK3N0D4XDRD2
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 298
x-amz-id-2: z2+kHM9mINCON3y0ALeYH7zfR1keTqcD74Q0lrqy+2CL1hPM0I6LyRsIfh/k1CDrhi7Hh7ydtXc=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:52 GMT
server: AmazonS3
etag: "94a79e99c511e88d85808b302a5654e5"
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: R7N_VFGjzNkqK7drNIUy-_4yHx8sxf0It5M35-VjO8dp7geUpStzyQ==

GET
H2 200 Optimist_Rg.ttf
capital-one-march-madness-2024.prod.fooji.com/custom_fonts/ 81 KB
82 KB 602ms
600ms Font
font/ttf 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/custom_fonts/Optimist_Rg.ttf

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/style/mobile-8e33fcf6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f5ec84a4490a216a17b81687e86d2e8f7a87c90862089114deae0fc1985e67e8

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/style/mobile-8e33fcf6.css
Origin: https://capital-one-march-madness-2024.prod.fooji.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:08 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: 6KVBYZDRRZYDM66M
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 83128
x-amz-id-2: cwYNCALqhCoP/SyIcT6TR3zDV0Lh9u91viUAafyQVEewMqgFxARus5BFVGVmJ7C/TL/KcwKdYek=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:52 GMT
server: AmazonS3
etag: "e67bec6f59e7322c4272848f1fb1584c"
content-type: font/ttf
accept-ranges: bytes
x-amz-cf-id: 3H2diZdwwtq0C5lXKvLaCWKwZmRkjer_wprDmbNTurPJf1zJDv1R9Q==

OPTIONS
H2 200 /
sessions.bugsnag.com/ 0
0 210ms
166ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://capital-one-march-madness-2024.prod.fooji.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 26 Mar 2024 01:13:07 GMT
via: 1.1 google

OPTIONS
H2 204 capital-one-march-madness-2024.prod.fooji.com
front-end-api.prod.fooji.com/v1/config/ 0
0 376ms
123ms Preflight 3.142.105.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://front-end-api.prod.fooji.com/v1/config/capital-one-march-madness-2024.prod.fooji.com?client=microsite

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.142.105.128 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-142-105-128.us-east-2.compute.amazonaws.com

Software

nginx/1.25.2 / free pizza

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://capital-one-march-madness-2024.prod.fooji.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 26 Mar 2024 01:13:08 GMT
public-key-pins-report-only: pin-sha256="4VDy9+1PipnvvZRuI0i4OTeOfy2nBvy/rVcA/NR7mcs="; pin-sha256="++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI="; pin-sha256="f0KW/FtqTjs108NpYj42SrGvOB2PpxIVM8nWxjPqJGE="; pin-sha256="NqvDJlas/GRcYbcWE8S/IceH9cq77kg0jVhZeAPXq8k="; pin-sha256="9+ze1cZgR9KO1kZrVDxA4HQ6voHRCSVNz4RdTCx4U8U="; pin-sha256="KwccWaCgrnaw6tsrrSO61FgLacNgG2MMLq8GE6+oP5I="; max-age=604800; includeSubDomains; report-uri="https://ucfqrfp5ol.execute-api.us-east-1.amazonaws.com/prod/hpkp-error-handler"
server: nginx/1.25.2
strict-transport-security: max-age=5184000; includeSubDomains
vary: Access-Control-Request-Headers
x-powered-by: free pizza

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
131 B 167ms
166ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/js/fooji.capital-one-march-madness-2024-06257247.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
Bugsnag-Api-Key: ddef09934d14d51d2bf2923d528ddbee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Bugsnag-Payload-Version: 1
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
Bugsnag-Sent-At: 2024-03-26T01:13:07.786Z
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 26 Mar 2024 01:13:08 GMT
via: 1.1 google
bugsnag-session-uuid: c3d6aa60-4a86-475b-8662-31db9e900619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 capital-one-march-madness-2024.prod.fooji.com Show response
front-end-api.prod.fooji.com/v1/config/ 24 KB
9 KB 135ms
134ms XHR
application/json 3.142.105.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://front-end-api.prod.fooji.com/v1/config/capital-one-march-madness-2024.prod.fooji.com?client=microsite

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/js/fooji.capital-one-march-madness-2024-06257247.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.142.105.128 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-142-105-128.us-east-2.compute.amazonaws.com

Software

nginx/1.25.2 / free pizza

Resource Hash

9f3b1f4ae263694f277a8998b0d4e6dedcfa47422db38ed82e75a7f6ccb92e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:08 GMT
strict-transport-security: max-age=5184000; includeSubDomains
content-encoding: gzip
server: nginx/1.25.2
x-powered-by: free pizza
etag: W/"611d-IGDfdvZOCCCaRCIZnD7ycO1eIrw"
vary: Origin
public-key-pins-report-only: pin-sha256="4VDy9+1PipnvvZRuI0i4OTeOfy2nBvy/rVcA/NR7mcs="; pin-sha256="++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI="; pin-sha256="f0KW/FtqTjs108NpYj42SrGvOB2PpxIVM8nWxjPqJGE="; pin-sha256="NqvDJlas/GRcYbcWE8S/IceH9cq77kg0jVhZeAPXq8k="; pin-sha256="9+ze1cZgR9KO1kZrVDxA4HQ6voHRCSVNz4RdTCx4U8U="; pin-sha256="KwccWaCgrnaw6tsrrSO61FgLacNgG2MMLq8GE6+oP5I="; max-age=604800; includeSubDomains; report-uri="https://ucfqrfp5ol.execute-api.us-east-1.amazonaws.com/prod/hpkp-error-handler"
access-control-allow-origin: https://capital-one-march-madness-2024.prod.fooji.com
content-type: application/json; charset=utf-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
274 B 81ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LTC8MYVBV4&gtm=45je43p0v9100633149za200&_p=1711415587171&gcs=G100&gcd=13p3p3l2l5&npa=1&dma_cps=sypham&dma=1&cid=934456324.1711415588&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=AEA&_s=1&sid=1711415587&sct=1&seg=0&dl=https%3A%2F%2Fcapital-one-march-madness-2024.prod.fooji.com%2F&dt=&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=1549
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LTC8MYVBV4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 01:13:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capital-one-march-madness-2024.prod.fooji.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
capital-one-march-madness-2024.prod.fooji.com/ 3 KB
3 KB 473ms
473ms Other
image/x-icon 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2a850910d2c104985993d6edfceb8f34943e6d4c257e0e32bbd6e3b1795ba524

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:09 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: 0V2B57GVJYB85BDY
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2723
x-amz-id-2: rKYpj/DR+yBq0VgfwRJ/I8kUxZJcmlf5Od689x1I4eUn1pYEai+ni/PNnnQrFyxeAIUWANCC160=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:52 GMT
server: AmazonS3
etag: "fa02fc36775a0ce6b98fd203718cd92a"
content-type: image/x-icon
accept-ranges: bytes
x-amz-cf-id: XKgAp0GLKvsvsbUp0KrBpQLpXa-Gat8CwQaCJjkt_F6netZQyaUybg==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 229 KB
75 KB 142ms
88ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?callback=__googleMapsCallback&key=AIzaSyDAbRDXsxgN0CFkPbqFvbti7OfI_pwO8FQ&libraries=places&language=en&v=3.52

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/js/fooji.capital-one-march-madness-2024-06257247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

6dd74d9c2ce0661c74c2191c34f243f07ed61ccbe89a643cf24f987abe08fbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76545
x-xss-protection: 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 84ms
35ms XHR
application/json 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=__googleMapsCallback&key=AIzaSyDAbRDXsxgN0CFkPbqFvbti7OfI_pwO8FQ&libraries=places&language=en&v=3.52

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://capital-one-march-madness-2024.prod.fooji.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 403 background-w-heading.png
capital-one-march-madness-2024.prod.fooji.com/img/ 255 B
255 B 461ms
461ms Image
application/xml 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-one-march-madness-2024.prod.fooji.com/img/background-w-heading.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e38e49cd1dad6c4c49452de30c108d8eefc468c09d8606e2e0cb7a05aef9cac3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:08 GMT
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-request-id: GBH9SMHV84KZSBRM
x-amz-cf-pop: MUC50-P2
x-cache: Error from cloudfront
content-type: application/xml
x-amz-cf-id: rzcwY9rzG2lwZoxT5Kwr_vuAwLceJPWB5yL6kiiL4gvoF9DfDF7O_A==
x-amz-id-2: nzPuz4R74rAlfpNaLprrp12eiNtx9lynTdncRVxgBEM8GDFZSYACw3pgDzFon7VBiL4yfobAUfszz5NQVd33EQ==

GET
H2 200 capital-one-logo-white.svg
capital-one-march-madness-2024.prod.fooji.com/ooji/img/ 8 KB
9 KB 475ms
474ms Image
image/svg+xml 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/ooji/img/capital-one-logo-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

282b29af50d2b4301f341821e6e336f10cf4466240ed5280f0bcf6c22c6476a9

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:09 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: D6QE0K427QDB0PPB
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 8256
x-amz-id-2: wh8RzBUYGzYN3gy+5f3agFLyXbJ5LEL5jM5Yupdf3GTLwLoAbiPI6C9nrK9pJLS5yJlGrXB1RM0=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:54 GMT
server: AmazonS3
etag: "f8f5e6738b240f93d22f53c72e2f370d"
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: qBn2KDIrhJ2Fc0JoRpMxp1I0TIRadlzmOfB5MkVYbTFasbaOh5aXeA==

OPTIONS
H2 204 campaign
front-end-api.prod.fooji.com/v1/ 0
0 119ms
119ms Preflight 3.142.105.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://front-end-api.prod.fooji.com/v1/campaign?campaign_key=capital-one-march-madness-2024&timestamp=1711415580&client=microsite

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.142.105.128 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-142-105-128.us-east-2.compute.amazonaws.com

Software

nginx/1.25.2 / free pizza

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://capital-one-march-madness-2024.prod.fooji.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 26 Mar 2024 01:13:08 GMT
public-key-pins-report-only: pin-sha256="4VDy9+1PipnvvZRuI0i4OTeOfy2nBvy/rVcA/NR7mcs="; pin-sha256="++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI="; pin-sha256="f0KW/FtqTjs108NpYj42SrGvOB2PpxIVM8nWxjPqJGE="; pin-sha256="NqvDJlas/GRcYbcWE8S/IceH9cq77kg0jVhZeAPXq8k="; pin-sha256="9+ze1cZgR9KO1kZrVDxA4HQ6voHRCSVNz4RdTCx4U8U="; pin-sha256="KwccWaCgrnaw6tsrrSO61FgLacNgG2MMLq8GE6+oP5I="; max-age=604800; includeSubDomains; report-uri="https://ucfqrfp5ol.execute-api.us-east-1.amazonaws.com/prod/hpkp-error-handler"
server: nginx/1.25.2
strict-transport-security: max-age=5184000; includeSubDomains
vary: Access-Control-Request-Headers
x-powered-by: free pizza

GET
H2 200 campaign Show response
front-end-api.prod.fooji.com/v1/ 689 B
1 KB 124ms
124ms XHR
application/json 3.142.105.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://front-end-api.prod.fooji.com/v1/campaign?campaign_key=capital-one-march-madness-2024&timestamp=1711415580&client=microsite

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/js/fooji.capital-one-march-madness-2024-06257247.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.142.105.128 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-142-105-128.us-east-2.compute.amazonaws.com

Software

nginx/1.25.2 / free pizza

Resource Hash

e3c81b7e98ee5ceccbc0a188e6e04f00f6b703c82e571ee95ffbf2f61e1458ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:08 GMT
strict-transport-security: max-age=5184000; includeSubDomains
content-encoding: gzip
server: nginx/1.25.2
x-powered-by: free pizza
etag: W/"2b1-DfHCB9iNpdzvcXnst/5MYz5peww"
vary: Origin
public-key-pins-report-only: pin-sha256="4VDy9+1PipnvvZRuI0i4OTeOfy2nBvy/rVcA/NR7mcs="; pin-sha256="++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI="; pin-sha256="f0KW/FtqTjs108NpYj42SrGvOB2PpxIVM8nWxjPqJGE="; pin-sha256="NqvDJlas/GRcYbcWE8S/IceH9cq77kg0jVhZeAPXq8k="; pin-sha256="9+ze1cZgR9KO1kZrVDxA4HQ6voHRCSVNz4RdTCx4U8U="; pin-sha256="KwccWaCgrnaw6tsrrSO61FgLacNgG2MMLq8GE6+oP5I="; max-age=604800; includeSubDomains; report-uri="https://ucfqrfp5ol.execute-api.us-east-1.amazonaws.com/prod/hpkp-error-handler"
access-control-allow-origin: https://capital-one-march-madness-2024.prod.fooji.com
content-type: application/json; charset=utf-8
cache-control: max-age=60

OPTIONS
H2 204 is-valid
front-end-api.prod.fooji.com/v1/campaign/ 0
0 119ms
119ms Preflight 3.142.105.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://front-end-api.prod.fooji.com/v1/campaign/is-valid?campaign_key=capital-one-march-madness-2024&timestamp=1711415580&client=microsite

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.142.105.128 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-142-105-128.us-east-2.compute.amazonaws.com

Software

nginx/1.25.2 / free pizza

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://capital-one-march-madness-2024.prod.fooji.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 26 Mar 2024 01:13:08 GMT
public-key-pins-report-only: pin-sha256="4VDy9+1PipnvvZRuI0i4OTeOfy2nBvy/rVcA/NR7mcs="; pin-sha256="++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI="; pin-sha256="f0KW/FtqTjs108NpYj42SrGvOB2PpxIVM8nWxjPqJGE="; pin-sha256="NqvDJlas/GRcYbcWE8S/IceH9cq77kg0jVhZeAPXq8k="; pin-sha256="9+ze1cZgR9KO1kZrVDxA4HQ6voHRCSVNz4RdTCx4U8U="; pin-sha256="KwccWaCgrnaw6tsrrSO61FgLacNgG2MMLq8GE6+oP5I="; max-age=604800; includeSubDomains; report-uri="https://ucfqrfp5ol.execute-api.us-east-1.amazonaws.com/prod/hpkp-error-handler"
server: nginx/1.25.2
strict-transport-security: max-age=5184000; includeSubDomains
vary: Access-Control-Request-Headers
x-powered-by: free pizza

GET
H2 200 is-valid Show response
front-end-api.prod.fooji.com/v1/campaign/ 50 B
773 B 149ms
149ms XHR
application/json 3.142.105.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://front-end-api.prod.fooji.com/v1/campaign/is-valid?campaign_key=capital-one-march-madness-2024&timestamp=1711415580&client=microsite

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/js/fooji.capital-one-march-madness-2024-06257247.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.142.105.128 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-142-105-128.us-east-2.compute.amazonaws.com

Software

nginx/1.25.2 / free pizza

Resource Hash

00900d1d1c6d306bef94b866218980286193d0699880ab9d22aab3dc6fa841ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:08 GMT
strict-transport-security: max-age=5184000; includeSubDomains
content-encoding: gzip
server: nginx/1.25.2
x-powered-by: free pizza
etag: W/"32-iUijVCQDKGG6+dqMu7FMQtyjnaM"
vary: Origin
public-key-pins-report-only: pin-sha256="4VDy9+1PipnvvZRuI0i4OTeOfy2nBvy/rVcA/NR7mcs="; pin-sha256="++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI="; pin-sha256="f0KW/FtqTjs108NpYj42SrGvOB2PpxIVM8nWxjPqJGE="; pin-sha256="NqvDJlas/GRcYbcWE8S/IceH9cq77kg0jVhZeAPXq8k="; pin-sha256="9+ze1cZgR9KO1kZrVDxA4HQ6voHRCSVNz4RdTCx4U8U="; pin-sha256="KwccWaCgrnaw6tsrrSO61FgLacNgG2MMLq8GE6+oP5I="; max-age=604800; includeSubDomains; report-uri="https://ucfqrfp5ol.execute-api.us-east-1.amazonaws.com/prod/hpkp-error-handler"
access-control-allow-origin: https://capital-one-march-madness-2024.prod.fooji.com
content-type: application/json; charset=utf-8
cache-control: max-age=60

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LTC8MYVBV4&gtm=45je43p0v9100633149za200&_p=1711415587171&gcs=G101&gcd=13p3t3l2l5&npa=1&dma_cps=sypham&dma=1&cid=934456324.1711415588&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_s=2&sid=1711415587&sct=1&seg=0&dl=https%3A%2F%2Fcapital-one-march-madness-2024.prod.fooji.com%2F&dt=Participate%20in%20the%20Capital%20One%20-%20March%20Madness%202024%20campaign%20from%20Capital%20One%2C%20powered%20by%20Fooji&en=user_engagement&ep.ga_temp_client_id=934456324.1711415588&_et=1121&tfd=2686
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LTC8MYVBV4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 01:13:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capital-one-march-madness-2024.prod.fooji.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 start
front-end-api.prod.fooji.com/v1/campaign/anonymous/ 0
0 121ms
119ms Preflight 3.142.105.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://front-end-api.prod.fooji.com/v1/campaign/anonymous/start

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.142.105.128 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-142-105-128.us-east-2.compute.amazonaws.com

Software

nginx/1.25.2 / free pizza

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://capital-one-march-madness-2024.prod.fooji.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 26 Mar 2024 01:13:09 GMT
public-key-pins-report-only: pin-sha256="4VDy9+1PipnvvZRuI0i4OTeOfy2nBvy/rVcA/NR7mcs="; pin-sha256="++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI="; pin-sha256="f0KW/FtqTjs108NpYj42SrGvOB2PpxIVM8nWxjPqJGE="; pin-sha256="NqvDJlas/GRcYbcWE8S/IceH9cq77kg0jVhZeAPXq8k="; pin-sha256="9+ze1cZgR9KO1kZrVDxA4HQ6voHRCSVNz4RdTCx4U8U="; pin-sha256="KwccWaCgrnaw6tsrrSO61FgLacNgG2MMLq8GE6+oP5I="; max-age=604800; includeSubDomains; report-uri="https://ucfqrfp5ol.execute-api.us-east-1.amazonaws.com/prod/hpkp-error-handler"
server: nginx/1.25.2
strict-transport-security: max-age=5184000; includeSubDomains
vary: Access-Control-Request-Headers
x-powered-by: free pizza

POST
H2 200 start Show response
front-end-api.prod.fooji.com/v1/campaign/anonymous/ 65 B
783 B 240ms
240ms XHR
application/json 3.142.105.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://front-end-api.prod.fooji.com/v1/campaign/anonymous/start

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/js/fooji.capital-one-march-madness-2024-06257247.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.142.105.128 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-142-105-128.us-east-2.compute.amazonaws.com

Software

nginx/1.25.2 / free pizza

Resource Hash

faeb36db2842718d09309e6648090fdfe73473a79381eef1507a212682e7a69a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:09 GMT
strict-transport-security: max-age=5184000; includeSubDomains
content-encoding: gzip
server: nginx/1.25.2
x-powered-by: free pizza
etag: W/"41-YO8Nirv2qGdpujOnfz+bz0pyOT8"
vary: X-HTTP-Method-Override, Origin
public-key-pins-report-only: pin-sha256="4VDy9+1PipnvvZRuI0i4OTeOfy2nBvy/rVcA/NR7mcs="; pin-sha256="++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI="; pin-sha256="f0KW/FtqTjs108NpYj42SrGvOB2PpxIVM8nWxjPqJGE="; pin-sha256="NqvDJlas/GRcYbcWE8S/IceH9cq77kg0jVhZeAPXq8k="; pin-sha256="9+ze1cZgR9KO1kZrVDxA4HQ6voHRCSVNz4RdTCx4U8U="; pin-sha256="KwccWaCgrnaw6tsrrSO61FgLacNgG2MMLq8GE6+oP5I="; max-age=604800; includeSubDomains; report-uri="https://ucfqrfp5ol.execute-api.us-east-1.amazonaws.com/prod/hpkp-error-handler"
access-control-allow-origin: https://capital-one-march-madness-2024.prod.fooji.com
content-type: application/json; charset=utf-8

GET
H2 200 Optimist_Bd.ttf
capital-one-march-madness-2024.prod.fooji.com/custom_fonts/ 81 KB
82 KB 487ms
486ms Font
font/ttf 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/custom_fonts/Optimist_Bd.ttf

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/style/mobile-8e33fcf6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

17f424eb7274f4f6c79d532577fc56943da1254f90c6513f8ab114b9ebfc8618

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/style/mobile-8e33fcf6.css
Origin: https://capital-one-march-madness-2024.prod.fooji.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:10 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: 33EGFYG5AH9Z08KJ
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 83412
x-amz-id-2: 43yJKEHWISdAM6bvptAUzzsPCEzNOrePx4oqJCzm8T3TnHh0j/nva8W50ECBNIxClhfKlNlU6OU=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:52 GMT
server: AmazonS3
etag: "faf272017fa3af0fc9fe59aa4cbf41ef"
content-type: font/ttf
accept-ranges: bytes
x-amz-cf-id: f-ho6gcvhBjX71D-4jlk8amfq4sYjTDy30cteOXsBX5ESeGo6Eh9Uw==

GET
H2 200 favicon.ico
capital-one-march-madness-2024.prod.fooji.com/ 3 KB
3 KB 469ms
469ms Other
image/x-icon 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2a850910d2c104985993d6edfceb8f34943e6d4c257e0e32bbd6e3b1795ba524

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:10 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: 0V2B57GVJYB85BDY
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2723
x-amz-id-2: rKYpj/DR+yBq0VgfwRJ/I8kUxZJcmlf5Od689x1I4eUn1pYEai+ni/PNnnQrFyxeAIUWANCC160=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:52 GMT
server: AmazonS3
etag: "fa02fc36775a0ce6b98fd203718cd92a"
content-type: image/x-icon
accept-ranges: bytes
x-amz-cf-id: fphX9NhBNYQBQI_YUg4Is8p2aHQaTHvyldOtxNCF4Ms2bonnU1ZuNA==

POST
H/1.1 200
OK anonymous Show response
auth-api.prod.fooji.com/auth/ 1 KB
2 KB 396ms
396ms XHR
application/json 2600:9000:237d:ea00:1a:eb80:1680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-api.prod.fooji.com/auth/anonymous
Requested by: Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/js/fooji.capital-one-march-madness-2024-06257247.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ea00:1a:eb80:1680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 42037b6789b2d4fbe8b5caf484909d0e7309ef8e4b8e0118dd194ae85276830b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 01:13:10 GMT
Via: 1.1 8ebebe66cc8de626ee8e15b2ee72d826.cloudfront.net (CloudFront), 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1, MUC50-P2
X-Amzn-Trace-Id: Root=1-66022126-1363e50535455cba723915d4;Parent=3ab95ee6f48be23c;Sampled=0;lineage=bc86a1f8:0
x-amzn-RequestId: 2937e6ab-bc07-4496-8b48-24553cf772a9
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
x-amz-apigw-id: VNoeBFiFiYcEPVQ=
Content-Length: 1404
X-Amz-Cf-Id: QrnC8ColvmYrqBezXI78EUETTl8-JqY0DHSVZ0LRUHj8uejTXxpf9g==

OPTIONS
H/1.1 200
OK anonymous
auth-api.prod.fooji.com/auth/ 0
0 567ms
430ms Preflight
application/json 2600:9000:237d:ea00:1a:eb80:1680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-api.prod.fooji.com/auth/anonymous
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ea00:1a:eb80:1680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://capital-one-march-madness-2024.prod.fooji.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: https://capital-one-march-madness-2024.prod.fooji.com
Access-Control-Max-Age: 1
Connection: keep-alive
Content-Length: 1
Content-Type: application/json
Date: Tue, 26 Mar 2024 01:13:09 GMT
Via: 1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront), 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: gcsJQldIhIplNrCiTnkcKMIuF0NVFqddHHT9ANRrGFWpEoWS_gY_Bw==
X-Amz-Cf-Pop: MUC50-P1 MUC50-P2
X-Cache: Miss from cloudfront
x-amz-apigw-id: VNod9GbTCYcEl2A=
x-amzn-RequestId: 5b5deee9-346b-46ba-a2c7-2afc56cca6d2

GET
H2 200 favicon.ico
capital-one-march-madness-2024.prod.fooji.com/ 3 KB
3 KB 469ms
469ms Other
image/x-icon 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2a850910d2c104985993d6edfceb8f34943e6d4c257e0e32bbd6e3b1795ba524

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:11 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: 0V2B57GVJYB85BDY
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2723
x-amz-id-2: rKYpj/DR+yBq0VgfwRJ/I8kUxZJcmlf5Od689x1I4eUn1pYEai+ni/PNnnQrFyxeAIUWANCC160=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:52 GMT
server: AmazonS3
etag: "fa02fc36775a0ce6b98fd203718cd92a"
content-type: image/x-icon
accept-ranges: bytes
x-amz-cf-id: QHTPJk6E1oAe-n8UJbSCg3THu31a6GYDigE5rN5-BfQL8Shqbw6rPw==

GET
H2 200 wait.hbs Show response
capital-one-march-madness-2024.prod.fooji.com/ooji/templates/ 4 KB
4 KB 484ms
483ms XHR
binary/octet-stream 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/ooji/templates/wait.hbs

Requested by

Host: capital-one-march-madness-2024.prod.fooji.com
URL: https://capital-one-march-madness-2024.prod.fooji.com/js/fooji.capital-one-march-madness-2024-06257247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

000703c7115876df2e8cae5955bb37f513ea38faf34b6dd5f0d604ff2ea28254

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: text/plain, */*; q=0.01
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:11 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: D64WWEQKFH0K8YXK
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 3776
x-amz-id-2: zn0b6kTR5EQuAG30/prg5Wp7t9+/bZrJZprmUg8xshfIbbao8ygGLMuaENEgZy1aC+J9tbUTJ0g=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:59 GMT
server: AmazonS3
etag: "5b197787dc21911301a98eaaebba5b1c"
content-type: binary/octet-stream
accept-ranges: bytes
x-amz-cf-id: e-ConHSaBQoPzore8JwlHOLpDpnP6V0l3m08EPPNRLHDTy1nzCdjhg==

GET
H2 200 blue-logo.svg
capital-one-march-madness-2024.prod.fooji.com/img/ 9 KB
10 KB 476ms
476ms Image
image/svg+xml 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/img/blue-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

93351c93d64c1e95ab4757de51b77ce683666ff5168cb5f29a5a8a702d4c8d36

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:12 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: 5H4SNNC2NBMHZXXZ
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 9244
x-amz-id-2: KwK0OJKDfuKcN/3sDoTbGUTdAudvP3ANnP1UQ3sDElsCmuH1niXgZtVkwHpuPL23kj4zBQi9WgU=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:52 GMT
server: AmazonS3
etag: "b5c8962e6beb0c20be2b0b264a1d36e6"
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: gUvNMnd3ZwU4JpBnFxKZhh1aMzV9oJXOhLfJmm1tVCmu2jKg-9s6DQ==

GET
H2 200 header-logo-wide.svg
capital-one-march-madness-2024.prod.fooji.com/img/ 18 KB
19 KB 479ms
478ms Image
image/svg+xml 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/img/header-logo-wide.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3805ebb6621d6ae9706b1af5739d41128a4faf24b417e1617a3a247194151706

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:12 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: 5H4WWGMV4JCXN1QF
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 18605
x-amz-id-2: Yz+lnl0WkFREOLNNype1K/65O3emxgYYd0zc+q57CpY3v9YcV4tAnh4hJ6eHyb88TbUYG0H5c6A=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:53 GMT
server: AmazonS3
etag: "7db5ae59858fd164e0c4ad826dc41bac"
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: hqRrLRKBZ6OXQW7jqpmczXxs3K8ZDm9SuhDwOyIwvuiuoLbXqSBO-Q==

GET
H2 200 header-logo.svg
capital-one-march-madness-2024.prod.fooji.com/img/ 16 KB
17 KB 483ms
483ms Image
image/svg+xml 2600:9000:237d:ba00:1d:c286:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://capital-one-march-madness-2024.prod.fooji.com/img/header-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:ba00:1d:c286:3240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f05e459a7caca0da8935e9288981e0dd76c60c4c88409660342e87844b9e52b

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 01:13:12 GMT
strict-transport-security: maxAge: 5184000; includeSubDomains: true; force: true
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-request-id: 5H4XH7VEJDZSVWPQ
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 16707
x-amz-id-2: kI34DaR8ewZbThohpJsqsjehOqhs+boaX8vU2gPPSsi5ru3hGmHpxS7tMa4+WlTPZb1r3PwwsmA=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 18:01:53 GMT
server: AmazonS3
etag: "0c85e549a5bcc85bfb3cbcedd6226c08"
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: LW5HLXNhALtSsLD1xQctpLGHeKuPrZC8y-2ThA_jLAwvxd2l6s34ng==

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/11a/ 255 KB
55 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/11a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=__googleMapsCallback&key=AIzaSyDAbRDXsxgN0CFkPbqFvbti7OfI_pwO8FQ&libraries=places&language=en&v=3.52

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

634485b4948d43183d2a03442b71174f94b8175557fea54cbc5f12c269cafe9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56697
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 23:41:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Mar 2025 13:43:14 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/11a/ 181 KB
56 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/11a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=__googleMapsCallback&key=AIzaSyDAbRDXsxgN0CFkPbqFvbti7OfI_pwO8FQ&libraries=places&language=en&v=3.52

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9d8028f36453616e3ef0ff9190b678b8bc5dfb2b5da1156b415cb013c1c3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://capital-one-march-madness-2024.prod.fooji.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56965
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 23:41:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Mar 2025 13:43:14 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.prod.fooji.com/	1969-12-31 23:59:59	Name: fooji-user-id Value: 01abf460-eb0e-11ee-aee2-d1980e391eae
.fooji.com/	1970-01-21 04:59:35	Name: _ga Value: GA1.1.934456324.1711415588
.fooji.com/	1970-01-21 04:59:35	Name: _ga_LTC8MYVBV4 Value: GS1.1.1711415587.1.1.1711415590.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://capital-one-march-madness-2024.prod.fooji.com/img/background-w-heading.png Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:;img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:; frame-ancestors dash.prod.fooji.com
Strict-Transport-Security	maxAge: 5184000; includeSubDomains: true; force: true
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth-api.prod.fooji.com
capital-one-march-madness-2024.prod.fooji.com
front-end-api.prod.fooji.com
maps.googleapis.com
region1.google-analytics.com
sessions.bugsnag.com
use.fontawesome.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.w3schools.com
172.217.16.138
192.229.133.221
2001:4860:4802:32::36
2600:1901:0:7a0b::
2600:9000:237d:ba00:1d:c286:3240:93a1
2600:9000:237d:ea00:1a:eb80:1680:93a1
2606:4700:e6::ac40:cf26
2a00:1450:4001:802::2003
2a00:1450:4001:808::2008
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
3.142.105.128
000703c7115876df2e8cae5955bb37f513ea38faf34b6dd5f0d604ff2ea28254
00900d1d1c6d306bef94b866218980286193d0699880ab9d22aab3dc6fa841ef
05f3754835ca997193932b168da3645108a9e7b31622a234431a1465a0b5a28b
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
17f424eb7274f4f6c79d532577fc56943da1254f90c6513f8ab114b9ebfc8618
282b29af50d2b4301f341821e6e336f10cf4466240ed5280f0bcf6c22c6476a9
2a850910d2c104985993d6edfceb8f34943e6d4c257e0e32bbd6e3b1795ba524
344f23eabc12aa90de531dcf81849a3df2a2711cccf3ab69d0836fd44719f168
3805ebb6621d6ae9706b1af5739d41128a4faf24b417e1617a3a247194151706
42037b6789b2d4fbe8b5caf484909d0e7309ef8e4b8e0118dd194ae85276830b
4f05e459a7caca0da8935e9288981e0dd76c60c4c88409660342e87844b9e52b
554fdc93109beed0802d148bc60f1b16fe7d8caf68ef4ecb95b562463b7844c4
5a814abaeaf1dade15c5dfd1d60221577d8f44c34849f886cd8f7aae6c85b446
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
634485b4948d43183d2a03442b71174f94b8175557fea54cbc5f12c269cafe9d
6dd74d9c2ce0661c74c2191c34f243f07ed61ccbe89a643cf24f987abe08fbff
782c8afb6e5b7da2d577f9c2181405e98a765d3668cfba671e6731848bc6ac1f
7908ab6e2cbbd15085f3d0f8c18794e9336e35c82d4e8d7f1f4dfa5fe988d2d1
93351c93d64c1e95ab4757de51b77ce683666ff5168cb5f29a5a8a702d4c8d36
9d9d8028f36453616e3ef0ff9190b678b8bc5dfb2b5da1156b415cb013c1c3d8
9f3b1f4ae263694f277a8998b0d4e6dedcfa47422db38ed82e75a7f6ccb92e48
aba13871cc3cc0c111578e1a9b85f9a1b5c6e8edddc0d65923c1571e566a7dd8
b9c848ee6cecf113f4e9ff0f14903c2bd4502b7049a05c989ec263920dd6417c
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
c7b54fd177b47a30c964423b2d08ef14e409ee62c38352181bbb6d73f14df875
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e38e49cd1dad6c4c49452de30c108d8eefc468c09d8606e2e0cb7a05aef9cac3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c81b7e98ee5ceccbc0a188e6e04f00f6b703c82e571ee95ffbf2f61e1458ac
e3d5bde7896477d3003cce0380749d3f15038d26ab9bb40d31139943cccaa7ab
f5ec84a4490a216a17b81687e86d2e8f7a87c90862089114deae0fc1985e67e8
faeb36db2842718d09309e6648090fdfe73473a79381eef1507a212682e7a69a

capital-one-march-madness-2024.prod.fooji.com Open in urlscan Pro 2600:9000:237d:ba00:1d:c286:3240:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

75 %IPv6

9 Domains

11 Subdomains

12 IPs

2 Countries

2939 kBTransfer

4070 kBSize

3 Cookies

6 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

capital-one-march-madness-2024.prod.fooji.com Open in urlscan Pro
2600:9000:237d:ba00:1d:c286:3240:93a1 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

11
Subdomains

12
IPs

2
Countries

2939 kB
Transfer

4070 kB
Size

3
Cookies

41 HTTP transactions
0 data transactions