www.footbein.com Open in urlscan Pro
2a00:1450:4001:81b::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Submission: On August 29 via manual (August 29th 2020, 6:13:21 pm UTC) from KW

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 29 domains to perform 40 HTTP transactions. The main IP is 2a00:1450:4001:81b::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.footbein.com.

This is the only time www.footbein.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:81b::2013	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	2606:4700:303... 2606:4700:3034::681c:1e87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	192.54.57.158 192.54.57.158	9009 (M247) (M247)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1 2	163.172.217.128 163.172.217.128	12876 (Online SAS) (Online SAS)
4	188.42.208.45 188.42.208.45	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:800::2009	15169 (GOOGLE) (GOOGLE)
1	139.45.195.107 139.45.195.107	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:817::2009	15169 (GOOGLE) (GOOGLE)
2	139.45.196.70 139.45.196.70	9002 (RETN-AS) (RETN-AS)
1	139.45.195.103 139.45.195.103	9002 (RETN-AS) (RETN-AS)
1	2a00:f820:425::3 2a00:f820:425::3	34549 (MEER-AS m...) (MEER-AS meerfarbig GmbH & Co. KG)
2	139.45.195.91 139.45.195.91	9002 (RETN-AS) (RETN-AS)
1	88.85.66.220 88.85.66.220	35415 (WEBZILLA) (WEBZILLA)
2	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	139.45.196.132 139.45.196.132	9002 (RETN-AS) (RETN-AS)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	188.42.139.84 188.42.139.84	7979 (SERVERS-COM) (SERVERS-COM)
1	185.66.200.222 185.66.200.222	201702 (SKHOSTING-EU) (SKHOSTING-EU)
3	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1 1	185.66.200.127 185.66.200.127	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	185.66.200.224 185.66.200.224	201702 (SKHOSTING-EU) (SKHOSTING-EU)
40	26

2 2a00:1450:4001:81b::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.footbein.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::681c:1e87 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.fontstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.54.57.158 (Amsterdam, Netherlands)

ASN9009 (M247, GB)

db.onlinewebfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.172.217.128 (Amsterdam, Netherlands) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 163-172-217-128.rev.poneytelecom.eu

e.top4top.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.208.45 (Netherlands)

ASN7979 (SERVERS-COM, US)

promo.propellerads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.107 (Ascension Island)

ASN9002 (RETN-AS, EU)

go.oclasrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.196.70 (Ascension Island)

ASN9002 (RETN-AS, EU)

upgulpinon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.103 (Ascension Island)

ASN9002 (RETN-AS, EU)

tharbadir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f820:425::3 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)

rf.revolvermaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.91 (Ascension Island)

ASN9002 (RETN-AS, EU)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.85.66.220 (Netherlands)

ASN35415 (WEBZILLA, NL)

shepeekr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

uhsmmaq4l2n5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.132 (Ascension Island)

ASN9002 (RETN-AS, EU)

propu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl15290737.passeura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.139.84 (Netherlands)

ASN7979 (SERVERS-COM, US)

pl15288706.passeura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.200.222 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.222.skhosting.eu

cdn-server.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.66.200.220 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)

uprimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
goraps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.200.127 (Slovakia) 1 redirects

ASN201702 (SKHOSTING-EU, SK)

ylx-aff.advertica-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.200.224 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)

yllix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	propellerads.com promo.propellerads.com	210 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	19 KB
2	uprimp.com uprimp.com	3 KB
2	passeura.com pl15290737.passeura.com pl15288706.passeura.com
2	uhsmmaq4l2n5.com uhsmmaq4l2n5.com
2	inpagepush.com inpagepush.com	47 KB
2	upgulpinon.com upgulpinon.com	8 KB
2	blogger.com www.blogger.com	54 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	fontstatic.com 1 redirects www.fontstatic.com	887 B
2	footbein.com www.footbein.com	190 KB
1	yllix.com yllix.com	43 KB
1	advertica-cdn.com 1 redirects ylx-aff.advertica-cdn.com	348 B
1	goraps.com goraps.com	2 KB
1	cdn-server.top cdn-server.top	677 B
1	propu.sh propu.sh	13 KB
1	shepeekr.net shepeekr.net	13 KB
1	revolvermaps.com rf.revolvermaps.com	1 KB
1	tharbadir.com tharbadir.com	4 KB
1	oclasrv.com go.oclasrv.com	22 KB
1	blogblog.com resources.blogblog.com	841 B
1	top4top.io e.top4top.io	18 KB
1	top4top.net 1 redirects e.top4top.net	133 B
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	onlinewebfonts.com db.onlinewebfonts.com	854 B
1	googlesyndication.com pagead2.googlesyndication.com	44 KB
0	Failed function sub() { [native code] }. Failed
0	jquery.com Failed code.jquery.com Failed
40	29

	Domain	Requested by
4	promo.propellerads.com	www.footbein.com
3	maxcdn.bootstrapcdn.com	www.footbein.com
2	uprimp.com	www.footbein.com
2	uhsmmaq4l2n5.com	www.footbein.com
2	inpagepush.com	www.footbein.com
2	upgulpinon.com	www.footbein.com
2	www.blogger.com	www.footbein.com
2	fonts.googleapis.com	www.footbein.com
2	www.fontstatic.com	1 redirects www.footbein.com
2	www.footbein.com	www.footbein.com
1	yllix.com	www.footbein.com
1	ylx-aff.advertica-cdn.com	1 redirects
1	goraps.com	www.footbein.com
1	cdn-server.top	www.footbein.com
1	pl15288706.passeura.com	www.footbein.com
1	pl15290737.passeura.com	www.footbein.com
1	propu.sh	www.footbein.com
1	shepeekr.net	www.footbein.com
1	rf.revolvermaps.com	www.footbein.com
1	tharbadir.com	www.footbein.com
1	go.oclasrv.com	www.footbein.com
1	resources.blogblog.com	www.footbein.com
1	e.top4top.io	www.footbein.com
1	e.top4top.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	db.onlinewebfonts.com	www.footbein.com
1	pagead2.googlesyndication.com	www.footbein.com
0	Failed	www.footbein.com
0	code.jquery.com Failed	www.footbein.com
40	30

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-18` - `2021-08-18`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
top4top.io Let's Encrypt Authority X3	`2020-08-16` - `2020-11-14`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
cdn-server.top Let's Encrypt Authority X3	`2020-08-04` - `2020-11-02`	3 months	crt.sh
yllix.com Sectigo RSA Domain Validation Secure Server CA	`2019-08-16` - `2021-08-15`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Frame ID: 401C8DE29C6561B4154DFEBBE8C766E9
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

40
Requests

23 %
HTTPS

38 %
IPv6

29
Domains

30
Subdomains

26
IPs

5
Countries

771 kB
Transfer

1594 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://www.fontstatic.com/f=bein-normal HTTP 301
https://www.fontstatic.com/f=bein-normal

Request Chain 12

https://e.top4top.net/p_9021e69s1.png HTTP 301
https://e.top4top.io/p_9021e69s1.png

Request Chain 35

http://ylx-aff.advertica-cdn.com/pub_7nc2s6.png HTTP 301
https://yllix.com/images/aff/pub_7nc2s6.png

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request blog-post_70.html Show response
www.footbein.com/2020/08/ 579 KB
188 KB 432ms
412ms Document
text/html 2a00:1450:4001:81b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

742bff65988328136dd3504bf73565b4c007c6025555cde949059e08d7a0b6cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.footbein.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Sat, 29 Aug 2020 18:12:46 GMT
Date: Sat, 29 Aug 2020 18:12:46 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 29 Aug 2020 15:18:50 GMT
ETag: W/"476430215117992f25dd46496d9222f0f4a249390befd6e01c1c979a5beb04f7"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 191840
Server: GSE

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 126 KB
44 KB 29ms
21ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3cc3d4e9d09e8b001ee014c36ce948a2646d407e8ecf49b07a315060769134a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 29 Aug 2020 18:12:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 15476532164680559219
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 44783
X-XSS-Protection: 0
Expires: Sat, 29 Aug 2020 18:12:46 GMT

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
5 KB 14ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:35:19 GMT
ETag: "1544639719"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 5041

GET
H2

200

f=bein-normal
www.fontstatic.com/
Redirect Chain

http://www.fontstatic.com/f=bein-normal
https://www.fontstatic.com/f=bein-normal

253 B
521 B

67ms
51ms

Stylesheet
text/css

2606:4700:3034::681c:1e87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fontstatic.com/f=bein-normal
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 409c25ba8625573bb28e55a72e2a1c08d3dc77642228cab70c561c3bc1fbfcb4

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Aug 2020 18:12:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: MISS
content-type: text/css; charset=UTF-8
status: 200
cf-ray: 5ca83e017b5096b0-FRA
cf-request-id: 04dd0514ef000096b02f0ee200000001
x-proxy-cache: MISS

Redirect headers

Date: Sat, 29 Aug 2020 18:12:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.fontstatic.com/f=bein-normal
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ca83e014e663250-FRA
cf-request-id: 04dd0514ce000032500a8a8200000001
Expires: Sat, 29 Aug 2020 19:12:46 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 12 KB
2 KB 22ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=PT+Serif:400,700,400normal,700normal|Roboto:400,500|Open+Sans:400,700,700normal,400normal

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

186355a32462c2dbd99742d256b75504dc0946e1cb028669fd7881e0a8a11763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 29 Aug 2020 18:12:46 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Sat, 29 Aug 2020 18:12:46 GMT

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 20ms
6ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:35:19 GMT
ETag: "1544639719"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 6079

GET
H/1.1 200
OK notonaskharabic.css
fonts.googleapis.com/earlyaccess/ 1 KB
687 B 21ms
14ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/earlyaccess/notonaskharabic.css?ver=4.5.2

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb75e66c87398c07afdb37c8a22e06974a646a57d875351737a9a4c614eeb5b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Sat, 29 Aug 2020 18:12:46 GMT

GET
H/1.1 200
OK f6e895d8c1d12739e54a0ca9df6903d5
db.onlinewebfonts.com/c/ 1 KB
854 B 103ms
87ms Stylesheet
text/css 192.54.57.158
M247

General

Check archive.org

Show headers Download Go to

Full URL: http://db.onlinewebfonts.com/c/f6e895d8c1d12739e54a0ca9df6903d5?family=NeoSansArabic
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 192.54.57.158 Amsterdam, Netherlands, ASN9009 (M247, GB),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 6bc7a5c735f46218e169613714643265a5e1e36547163d89e96e043a1a6f53f4

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:08 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 16ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.footbein.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 Aug 2020 18:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.footbein.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 Aug 2020 18:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 6ms
6ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:35:20 GMT
ETag: "1544639720"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 7050

GET jquery-1.10.2.min.js
code.jquery.com/ 0
0

GET
DATA 200
OK truncated
/ 75 KB
75 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 557f5b1dc95defcee390e4aa0b8d0303fa94f4ca007e0006e874c11c47b56bed

Request headers

Origin: http://www.footbein.com
Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: font/ttf

GET
H2

200

p_9021e69s1.png
e.top4top.io/
Redirect Chain

https://e.top4top.net/p_9021e69s1.png
https://e.top4top.io/p_9021e69s1.png

18 KB
18 KB

30ms
27ms

Image
image/png

163.172.217.128
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e.top4top.io/p_9021e69s1.png

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.217.128 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),

Reverse DNS

163-172-217-128.rev.poneytelecom.eu

Software

nginx /

Resource Hash

9bb4ade306fe29983e66e31c616320355b4328f334d4878904b0e0c45e09d2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-file-id: x23395504x
date: Sat, 29 Aug 2020 18:12:46 GMT
last-modified: Thu, 21 Jun 2018 16:37:52 GMT
server: nginx
etag: "5b2bd460-4620"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
status: 200
cache-control: max-age=7200
content-disposition: inline; filename="Image-1508090185129.png"
accept-ranges: bytes
content-length: 17952
expires: Sat, 29 Aug 2020 20:12:46 GMT

Redirect headers

status: 301
date: Sat, 29 Aug 2020 18:12:46 GMT
server: nginx
location: https://e.top4top.io/p_9021e69s1.png
content-length: 162
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/html

GET
H/1.1 200
OK 728x90-popads_1.gif
promo.propellerads.com/ 70 KB
70 KB 187ms
31ms Image
image/gif 188.42.208.45
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://promo.propellerads.com/728x90-popads_1.gif
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 188.42.208.45 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: f5c514f9d1ca9fa4af748367a69609c7429aa45d608ffe113056e70e08a8d45a

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:47 GMT
Last-Modified: Mon, 12 Oct 2015 11:18:29 GMT
Server: nginx
Etag: "7ad58eebde26ae7b416792126d768a61"
Content-Type: image/gif
X-Timestamp: 1444648708.86613
X-Object-Meta-Mtime: 1444648600.621900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71707
X-Trans-Id: txdca3087fb9a24df0a4445-005f4a9a9f

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
841 B 26ms
5ms Image
image/png 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 04:55:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Aug 2020 10:23:10 GMT
server: sffe
age: 307048
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Wed, 02 Sep 2020 04:55:19 GMT

GET
H/1.1 200
OK 468x60_03.jpg
promo.propellerads.com/ 30 KB
30 KB 189ms
33ms Image
image/jpeg 188.42.208.45
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://promo.propellerads.com/468x60_03.jpg
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 188.42.208.45 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e526cbdedb12acb4c73cf4b34909cc0e578fd6a5744fa4707ab70303a438c36

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:47 GMT
Last-Modified: Mon, 09 Jun 2014 12:42:17 GMT
Server: nginx
Etag: "a0c89f52e744d0c7a0f67ef2349adca9"
Content-Type: image/jpeg
X-Timestamp: 1402317736.11871
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30775
X-Trans-Id: tx787afa372e4d426dbf700-005f4a9a9f

GET
H/1.1 200
OK apu.php Show response
go.oclasrv.com/ 60 KB
22 KB 295ms
28ms Script
application/javascript 139.45.195.107
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://go.oclasrv.com/apu.php?zoneid=1685910

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

HTTP/1.1

Server

139.45.195.107 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

c2b2cec5704d5ca0e6e514913020490ee01313b275cfd5130252001fb75223bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: c8b4614d3e9a0b695faf902f16306bfd
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 206467671-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 13 KB
5 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:817::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/206467671-comment_from_post_iframe.js

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22493d01ca38115b6e48be56e21cefe1bbe7bc19d785ae2780f6ff87b33a099c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 25 Aug 2020 00:37:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Aug 2020 06:19:31 GMT
server: sffe
age: 408945
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5093
x-xss-protection: 0
expires: Wed, 25 Aug 2021 00:37:02 GMT

GET
H/1.1 200
OK 1 Show response
upgulpinon.com/ 7 KB
4 KB 61ms
39ms Script
text/javascript 139.45.196.70
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://upgulpinon.com/1?z=3537596
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 139.45.196.70 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 0694a46d40be5c2fe53710d2cff087832ccb5085b0f63abe88756bfa11694cd0

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Aug 2020 18:12:47 GMT
Content-Encoding: gzip
X-Sc: GFY5OiWJHNxEN1wvbcDSYvfFXuoznr00o82G-hG-Sd28SDIZgkG3u3lob5hDd4gB82nb626UmnSOnRUAaaLsWr-DbhQ=
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 2 Show response
tharbadir.com/ 7 KB
4 KB 64ms
46ms Script
text/javascript 139.45.195.103
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tharbadir.com/2?z=2729670
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 139.45.195.103 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 30cfc602ef510fc39744d05c78bd0aeec9fbcd75fcce29598a018583d41342df

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Aug 2020 18:12:47 GMT
Content-Encoding: gzip
X-Sc: jYadOgCtn1O23LKOc0ATw4NEgZzrTXosaw8Gb_dnkDDCfZw4voZv5A_5nNff9_z-tXXHDZMLDyj1ro4GsM1UlnwfLEU=
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 300x250_01.jpg
promo.propellerads.com/ 39 KB
39 KB 143ms
30ms Image
image/jpeg 188.42.208.45
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://promo.propellerads.com/300x250_01.jpg
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 188.42.208.45 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 958f061b2a4b28f6008875eec0a45416b833b77919d8d56ffd8a5db5ede52406

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:47 GMT
Last-Modified: Mon, 09 Jun 2014 12:42:16 GMT
Server: nginx
Etag: "1b4fbba2b6dcd27ea742922ba5a50bc5"
Content-Type: image/jpeg
X-Timestamp: 1402317735.05398
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39469
X-Trans-Id: tx43289cb94cde478496707-005f4a9a9f

GET
H/1.1 200
OK 300x250-popads_1.gif
promo.propellerads.com/ 70 KB
70 KB 143ms
30ms Image
image/gif 188.42.208.45
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://promo.propellerads.com/300x250-popads_1.gif
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 188.42.208.45 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: c843f940317ffebe66bee20a77bb4ee15149bf04cc15df60fd75acd81a1ba54d

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:47 GMT
Last-Modified: Mon, 12 Oct 2015 11:18:29 GMT
Server: nginx
Etag: "ebb47bc1ab9717dbc36610eda88b9f2f"
Content-Type: image/gif
X-Timestamp: 1444648708.85916
X-Object-Meta-Mtime: 1444648600.255899
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71409
X-Trans-Id: tx090eff6cb05a41ac820b5-005f4a9a9f

GET
H/1.1 200
OK 6.js Show response
rf.revolvermaps.com/0/0/ 2 KB
1 KB 16ms
6ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: http://rf.revolvermaps.com/0/0/6.js?i=5scylgfchnj&m=0&c=ff0000&cr1=ffffff&f=arial&l=1
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4eb36b4ee54c1737b5489d7b05d3c88a9914c5828fbb7bb358165cee347437e8

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 29 Aug 2020 18:12:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Jun 2017 15:59:45 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 975

GET
H/1.1 200
OK 1 Show response
upgulpinon.com/ 7 KB
4 KB 38ms
24ms Script
text/javascript 139.45.196.70
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://upgulpinon.com/1?z=3526564
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 139.45.196.70 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 17d8e51c78f197e8e8a9a87366076a08ee8f57a56814ffe52576abd5dfb250ae

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Aug 2020 18:12:47 GMT
Content-Encoding: gzip
X-Sc: s6tc7HfyGg1OAHoFiSzAnmYkvhgeXCOkQddJm8XwS5TB1PudixUB3m0GjINZ9z_3gA40NViONVVNFwX7hnc6acwSJzA=
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 3537584 Show response
inpagepush.com/400/ 65 KB
24 KB 57ms
42ms Script
application/javascript 139.45.195.91
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://inpagepush.com/400/3537584

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

HTTP/1.1

Server

139.45.195.91 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

d5e6ef2bf7168e7dbb6e655e1bf67c44e1bba278df54c638514cbfa2849ffc08

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 5d59edde362d3fc9eb876da7b9868faf
Pragma: no-cache
Date: Sat, 29 Aug 2020 18:12:47 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK ntfc.php Show response
shepeekr.net/ 41 KB
13 KB 39ms
23ms Script
application/javascript 88.85.66.220
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://shepeekr.net/ntfc.php?p=3537588
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 88.85.66.220 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: c3fd562e9147596f9841249cdda9cf272cb2fc584fcbc739453b3beedcef73e7

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Aug 2020 18:12:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 12:10:34 GMT
Server: nginx
ETag: W/"5f46513a-a5ff"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 3306075 Show response
inpagepush.com/400/ 65 KB
24 KB 42ms
27ms Script
application/javascript 139.45.195.91
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://inpagepush.com/400/3306075

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

HTTP/1.1

Server

139.45.195.91 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

e7dd29c16b0f56985ed6efc224a44f0d39de38ed042f908b08db583cc3e5080a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 8204ed2cccdf4e6ef83408a418ee9988
Pragma: no-cache
Date: Sat, 29 Aug 2020 18:12:47 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 403
Forbidden 9e8f000c75226ef8420e6c96e254c72b.js
uhsmmaq4l2n5.com/9e/8f/00/ 0
0 236ms
207ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://uhsmmaq4l2n5.com/9e/8f/00/9e8f000c75226ef8420e6c96e254c72b.js
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 29 Aug 2020 18:12:47 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET http://%20uhsmmaq4l2n5.com/e998702c22c44610ad0230df771ddbbe/invoke.js
http://%20uhsmmaq4l2n5.com/e998702c22c44610ad0230df771ddbbe/invoke.js 0
0

GET
H/1.1 200
OK ntfc.php Show response
propu.sh/ 41 KB
13 KB 44ms
23ms Script
application/javascript 139.45.196.132
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://propu.sh/ntfc.php?p=3071169
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 139.45.196.132 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: c3fd562e9147596f9841249cdda9cf272cb2fc584fcbc739453b3beedcef73e7

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Aug 2020 18:12:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 12:10:34 GMT
Server: nginx
ETag: W/"5f46513a-a5ff"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 403
Forbidden invoke.js
pl15290737.passeura.com/e998702c22c44610ad0230df771ddbbe/ 0
0 238ms
209ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl15290737.passeura.com/e998702c22c44610ad0230df771ddbbe/invoke.js
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 29 Aug 2020 18:12:47 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden a0486207fbe4d69db54be0f5ff70c2df.js
pl15288706.passeura.com/a0/48/62/ 0
0 57ms
28ms Script
application/javascript 188.42.139.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://pl15288706.passeura.com/a0/48/62/a0486207fbe4d69db54be0f5ff70c2df.js
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 188.42.139.84 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 29 Aug 2020 18:12:47 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 wl.js Show response
cdn-server.top/p/ 380 B
677 B 404ms
236ms Script
application/javascript 185.66.200.222
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-server.top/p/wl.js?pub=421766&ga=g
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.222 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.222.skhosting.eu
Software: nginx /
Resource Hash: efbe71bc468ea41eba4e28e08ab8b7386afc20092d9d6ea75ad7cf59d94992cc

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: cache
date: Sat, 29 Aug 2020 18:12:47 GMT
server: nginx
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 29 Aug 2020 19:12:47 GMT

GET
H/1.1 200
OK slider.php Show response
uprimp.com/ 2 KB
2 KB 170ms
154ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://uprimp.com/slider.php?section=General&pub=421766&ga=g&side=random
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 52be515ab3452055fa0413f1c5d0c0249c04e8bc5107a916bbcfac8155a23d62

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Aug 2020 18:12:47 GMT
Last-Modified: Sat, 29 Aug 2020 18:12:47 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Expires: Sat, 29 Aug 2020 18:12:47 GMT

GET
H/1.1 200
OK pup.php Show response
goraps.com/ 1 KB
2 KB 160ms
145ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://goraps.com/pup.php?section=General&pt=2&pub=421766&ga=g
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 61e208370a2e0e4186dcf7301d6725aac7a85517373fbecb31da86de08b94549

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Aug 2020 18:12:47 GMT
Last-Modified: Sat, 29 Aug 2020 18:12:47 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Expires: Sat, 29 Aug 2020 18:12:47 GMT

GET
H2

200

pub_7nc2s6.png
yllix.com/images/aff/
Redirect Chain

http://ylx-aff.advertica-cdn.com/pub_7nc2s6.png
https://yllix.com/images/aff/pub_7nc2s6.png

43 KB
43 KB

236ms
77ms

Image
image/png

185.66.200.224
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yllix.com/images/aff/pub_7nc2s6.png

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.66.200.224 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

Software

nginx /

Resource Hash

6166289230e2524221332de0a4bc4c1b20dbc41ab6a409d892531a17331ac3ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 29 Aug 2020 18:12:47 GMT
last-modified: Tue, 29 Nov 2016 11:35:56 GMT
server: nginx
etag: "583d681c-ab2c"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43820
expires: Mon, 28 Sep 2020 18:12:47 GMT

Redirect headers

Date: Sat, 29 Aug 2020 18:12:47 GMT
Server: nginx
Location: https://yllix.com/images/aff/pub_7nc2s6.png
X-Cache: MISS
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
X-Server: cdnbts
Connection: keep-alive
Content-Length: 162
Expires: Mon, 28 Sep 2020 18:12:47 GMT

GET
H/1.1 200
OK bnr.php Show response
uprimp.com/ 373 B
794 B 160ms
146ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://uprimp.com/bnr.php?section=General&pub=421766&format=300x250&ga=g
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
Software: nginx /
Resource Hash: 983425cc05973cd5596f6993fbeb991a5a7b09d0d4de377c3e62bd9d5cc4ec89

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Aug 2020 18:12:47 GMT
Last-Modified: Sat, 29 Aug 2020 18:12:47 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Expires: Sat, 29 Aug 2020 18:12:47 GMT

GET
H/1.1 403
Forbidden a0486207fbe4d69db54be0f5ff70c2df.js
uhsmmaq4l2n5.com/a0/48/62/ 0
0 220ms
205ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://uhsmmaq4l2n5.com/a0/48/62/a0486207fbe4d69db54be0f5ff70c2df.js
Requested by: Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 29 Aug 2020 18:12:47 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK cookienotice.js Show response
www.footbein.com/js/ 6 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.footbein.com/js/cookienotice.js

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 26 Aug 2020 19:35:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 26 Aug 2020 18:35:44 GMT
Server: sffe
Age: 254259
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Expires: Wed, 02 Sep 2020 19:35:08 GMT

GET
H3-Q050 200 3558192218-widgets.js Show response
www.blogger.com/static/v1/widgets/ 133 KB
49 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:817::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3558192218-widgets.js

Requested by

Host: www.footbein.com
URL: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

169d588ce277b1ca8dad16f3edad044e4dd337f97b17414f63fdb27a41ecd1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.footbein.com/2020/08/blog-post_70.html?m=1::~~Accept-Encoding
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 12:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Aug 2020 09:12:44 GMT
server: sffe
age: 453997
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49510
x-xss-protection: 0
expires: Tue, 24 Aug 2021 12:06:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: code.jquery.com
URL: http://code.jquery.com/jquery-1.10.2.min.js

Domain
URL: http://%20uhsmmaq4l2n5.com/e998702c22c44610ad0230df771ddbbe/invoke.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


adservice.google.com
adservice.google.de
cdn-server.top
code.jquery.com
db.onlinewebfonts.com
e.top4top.io
e.top4top.net
fonts.googleapis.com
go.oclasrv.com
goraps.com
inpagepush.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pl15288706.passeura.com
pl15290737.passeura.com
promo.propellerads.com
propu.sh
resources.blogblog.com
rf.revolvermaps.com
shepeekr.net
tharbadir.com
uhsmmaq4l2n5.com
upgulpinon.com
uprimp.com
www.blogger.com
www.fontstatic.com
www.footbein.com
yllix.com
ylx-aff.advertica-cdn.com

code.jquery.com
139.45.195.103
139.45.195.107
139.45.195.91
139.45.196.132
139.45.196.70
163.172.217.128
185.66.200.127
185.66.200.220
185.66.200.222
185.66.200.224
188.42.139.84
188.42.208.45
192.243.59.12
192.243.59.13
192.54.57.158
2001:4de0:ac19::1:b:3a
2606:4700:3034::681c:1e87
2a00:1450:4001:800::2009
2a00:1450:4001:806::200a
2a00:1450:4001:817::2009
2a00:1450:4001:81b::2013
2a00:1450:4001:81d::2002
2a00:1450:4001:820::2002
2a00:1450:4001:824::2002
2a00:f820:425::3
88.85.66.220
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0694a46d40be5c2fe53710d2cff087832ccb5085b0f63abe88756bfa11694cd0
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
169d588ce277b1ca8dad16f3edad044e4dd337f97b17414f63fdb27a41ecd1b8
17d8e51c78f197e8e8a9a87366076a08ee8f57a56814ffe52576abd5dfb250ae
186355a32462c2dbd99742d256b75504dc0946e1cb028669fd7881e0a8a11763
22493d01ca38115b6e48be56e21cefe1bbe7bc19d785ae2780f6ff87b33a099c
30cfc602ef510fc39744d05c78bd0aeec9fbcd75fcce29598a018583d41342df
409c25ba8625573bb28e55a72e2a1c08d3dc77642228cab70c561c3bc1fbfcb4
4eb36b4ee54c1737b5489d7b05d3c88a9914c5828fbb7bb358165cee347437e8
52be515ab3452055fa0413f1c5d0c0249c04e8bc5107a916bbcfac8155a23d62
557f5b1dc95defcee390e4aa0b8d0303fa94f4ca007e0006e874c11c47b56bed
6166289230e2524221332de0a4bc4c1b20dbc41ab6a409d892531a17331ac3ba
61e208370a2e0e4186dcf7301d6725aac7a85517373fbecb31da86de08b94549
6bc7a5c735f46218e169613714643265a5e1e36547163d89e96e043a1a6f53f4
742bff65988328136dd3504bf73565b4c007c6025555cde949059e08d7a0b6cb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
958f061b2a4b28f6008875eec0a45416b833b77919d8d56ffd8a5db5ede52406
983425cc05973cd5596f6993fbeb991a5a7b09d0d4de377c3e62bd9d5cc4ec89
9bb4ade306fe29983e66e31c616320355b4328f334d4878904b0e0c45e09d2b0
9e526cbdedb12acb4c73cf4b34909cc0e578fd6a5744fa4707ab70303a438c36
c2b2cec5704d5ca0e6e514913020490ee01313b275cfd5130252001fb75223bf
c3fd562e9147596f9841249cdda9cf272cb2fc584fcbc739453b3beedcef73e7
c843f940317ffebe66bee20a77bb4ee15149bf04cc15df60fd75acd81a1ba54d
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d3cc3d4e9d09e8b001ee014c36ce948a2646d407e8ecf49b07a315060769134a
d5e6ef2bf7168e7dbb6e655e1bf67c44e1bba278df54c638514cbfa2849ffc08
e7dd29c16b0f56985ed6efc224a44f0d39de38ed042f908b08db583cc3e5080a
efbe71bc468ea41eba4e28e08ab8b7386afc20092d9d6ea75ad7cf59d94992cc
f5c514f9d1ca9fa4af748367a69609c7429aa45d608ffe113056e70e08a8d45a
fb75e66c87398c07afdb37c8a22e06974a646a57d875351737a9a4c614eeb5b7

www.footbein.com Open in urlscan Pro 2a00:1450:4001:81b::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

40 Requests

23 %HTTPS

38 %IPv6

29 Domains

30 Subdomains

26 IPs

5 Countries

771 kBTransfer

1594 kBSize

0 Cookies

0 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.footbein.com Open in urlscan Pro
2a00:1450:4001:81b::2013 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

23 %
HTTPS

38 %
IPv6

29
Domains

30
Subdomains

26
IPs

5
Countries

771 kB
Transfer

1594 kB
Size

0
Cookies

40 HTTP transactions
1 data transactions