GET
H2
|
200
|
rpmtapq-omoyxym-imqgirz
Show response
www.fifa.com/
|
4 KB
6 KB
|
263ms
106ms
|
Document
text/html |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6B15) /
- Resource Hash
- 4a9ec9a1a3d95aaa58785161c1927b1b3e8490599e5b7685c57709acdc5beefd
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
noto-sans-700.5f31d84a47d8ffc9c07f.woff2
www.fifa.com/static/media/
|
152 KB
156 KB
|
48ms
46ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/noto-sans-700.5f31d84a47d8ffc9c07f.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4C83) /
- Resource Hash
- 6a2f4003a98a3d8b367702823291c5e43078623288deff831d9d83c8f2db9b16
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
noto-sans-italic.ac006f14f6d49286b3e8.woff2
www.fifa.com/static/media/
|
116 KB
121 KB
|
48ms
45ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/noto-sans-italic.ac006f14f6d49286b3e8.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CC9) /
- Resource Hash
- a954c0a79c10d3b1bc92da8061a74c4bf99ade39a5f0b385de63e14e569a23db
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
noto-sans-regular.bfa96228235216443a93.woff2
www.fifa.com/static/media/
|
153 KB
158 KB
|
47ms
44ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/noto-sans-regular.bfa96228235216443a93.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CAA) /
- Resource Hash
- 16bb3d8fb5c371c9e4fa6b5f313c0a5e2edd911c0ce6d0f9c3cee01e9560a2b3
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-500.323014b9ce03a905066b.woff2
www.fifa.com/static/media/
|
48 KB
52 KB
|
201ms
198ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/poppins-500.323014b9ce03a905066b.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4C87) /
- Resource Hash
- c293b3aeb4898d08cc511c812408a728d6c707c464078342d9af91adcb3adc8a
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-600.427f703758de281bb306.woff2
www.fifa.com/static/media/
|
49 KB
53 KB
|
201ms
199ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/poppins-600.427f703758de281bb306.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CF7) /
- Resource Hash
- f9947515ada0af97c9f138a55bf4b733905d3cd11010e806a501c32d20b18ecb
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-italic.c232e61555ffdea495db.woff2
www.fifa.com/static/media/
|
56 KB
60 KB
|
202ms
200ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/poppins-italic.c232e61555ffdea495db.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CBF) /
- Resource Hash
- 48eb74a45169ea3d83367b03ba9fcfaa84db06cc587da680c6e9b864a15b4e5b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-regular.80ad975e8fb5131f927c.woff2
www.fifa.com/static/media/
|
49 KB
53 KB
|
203ms
201ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/poppins-regular.80ad975e8fb5131f927c.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CB9) /
- Resource Hash
- bca0cbef4d9a1480419d2e87f92f86f2b04237f91c1a36800ff4929370b931a4
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
launch-ENf264c4ce0fad4ce4bf7503fd7be51245.min.js
Show response
assets.adobedtm.com/7db34e84caae/759763b5faef/
|
344 KB
92 KB
|
147ms
41ms
|
Script
application/x-javascript |
2a02:26f0:480:98f::1e80
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
main.bundle.js
Show response
play.fifa.com/components/
|
129 KB
43 KB
|
203ms
185ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
|
GET
H2
|
200
|
OtAutoBlock.js
Show response
cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/
|
140 KB
17 KB
|
160ms
72ms
|
Script
application/x-javascript |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/OtAutoBlock.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- c85082bdf7f65c12bc734139c95a14b1a61778437d527b5097f0b025c1466c6c
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
otSDKStub.js
Show response
cdn.cookielaw.org/scripttemplates/
|
21 KB
7 KB
|
143ms
56ms
|
Script
application/javascript |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
|
70 B
237 B
|
153ms
64ms
|
Other
text/javascript |
2606:4700:4400::6812:2089
CLOUDFLARENET
|
|
|
GET
H3
|
200
|
pdf.worker.min.js
Show response
cdnjs.cloudflare.com/ajax/libs/pdf.js/3.11.174/
|
1 MB
229 KB
|
99ms
53ms
|
Script
application/javascript |
104.17.25.14
CLOUDFLARENET
|
|
General
- Full URL
- https://cdnjs.cloudflare.com/ajax/libs/pdf.js/3.11.174/pdf.worker.min.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
104.17.25.14
-, ,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- feabdf309770ed24bba31a5467836cdc8cf639c705af27d52b585b041bb8527b
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=15780000 |
X-Content-Type-Options |
nosniff |
|
GET
|
|
conviva-4.0.12.js
cdn.theoplayer.com/conviva/
|
0
0
|
|
|
|
|
|
GET
H2
|
200
|
themePalette
cxm-api.fifa.com/fifaplusweb/api/
|
41 KB
3 KB
|
224ms
57ms
|
Other
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/themePalette
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frb/67D8) /
- Resource Hash
- 08315b37d81ba79c8c9aed8fcba2e94bd32a31936a738e6df91807c3b5dac14b
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains, max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff, nosniff |
X-Frame-Options |
sameorigin, sameorigin |
X-Xss-Protection |
1; mode=block, 1; mode=block |
|
GET
H2
|
200
|
main.08a90946.js
Show response
www.fifa.com/static/js/
|
1 MB
358 KB
|
69ms
69ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/js/main.08a90946.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4C87) /
- Resource Hash
- 4365c26d3915a6bdfcaf0ea76c6d0cc2be7d50bdcedbe114352b1ade13880370
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
main.a77da6d6.css
www.fifa.com/static/css/
|
804 KB
125 KB
|
201ms
200ms
|
Stylesheet
text/css |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/css/main.a77da6d6.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4C92) /
- Resource Hash
- 769ae378c495f1d9a455b8802ca968f38296ad43ad5d6ae828c84d813d20e517
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
996debe1-708b-4ebc-95c8-5b7ee0d77d76.json
Show response
cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/
|
6 KB
2 KB
|
143ms
61ms
|
XHR
application/x-javascript |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/996debe1-708b-4ebc-95c8-5b7ee0d77d76.json
- Requested by
- Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 05b21c83774b77ef5d85267b9fc27fef02100767a5138bbecd2e6406c0040048
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
4592.863b2c12.chunk.js
www.fifa.com/static/js/
|
23 KB
13 KB
|
40ms
40ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/js/4592.863b2c12.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CD3) /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
|
|
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
|
0
0
|
|
|
|
|
|
GET
H2
|
200
|
8675.e8954956.chunk.js
www.fifa.com/static/js/
|
55 KB
23 KB
|
40ms
40ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/js/8675.e8954956.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CB2) /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
4785.2f1cf0e2.chunk.css
www.fifa.com/static/css/
|
6 KB
6 KB
|
41ms
41ms
|
Stylesheet
text/css |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/css/4785.2f1cf0e2.chunk.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CBD) /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
4785.e92e3b3d.chunk.js
www.fifa.com/static/js/
|
26 KB
12 KB
|
42ms
42ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/js/4785.e92e3b3d.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CF5) /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
headerManagement
cxm-api.fifa.com/fifaplusweb/api/
|
746 KB
54 KB
|
44ms
43ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/headerManagement?locale=de
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frb/67F8) /
- Resource Hash
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains, max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff, nosniff |
X-Frame-Options |
sameorigin, sameorigin |
X-Xss-Protection |
1; mode=block, 1; mode=block |
|
GET
H2
|
200
|
Primary Request
rpmtapq-omoyxym-imqgirz
Show response
www.fifa.com/de/
|
4 KB
6 KB
|
111ms
111ms
|
Document
text/html |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6AF4) /
- Resource Hash
- 4a9ec9a1a3d95aaa58785161c1927b1b3e8490599e5b7685c57709acdc5beefd
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
|
|
rpmtapq-omoyxym-imqgirz
cxm-api.fifa.com/fifaplusweb/api/pages/
|
0
0
|
|
|
|
|
|
GET
|
|
resources
cxm-api.fifa.com/fifaplusweb/api/
|
0
0
|
|
|
|
|
|
GET
|
|
resources
cxm-api.fifa.com/fifaplusweb/api/
|
0
0
|
|
|
|
|
|
GET
H2
|
200
|
noto-sans-700.5f31d84a47d8ffc9c07f.woff2
www.fifa.com/static/media/
|
152 KB
0
|
48ms
46ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/noto-sans-700.5f31d84a47d8ffc9c07f.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4C83) /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
noto-sans-italic.ac006f14f6d49286b3e8.woff2
www.fifa.com/static/media/
|
116 KB
0
|
48ms
45ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/noto-sans-italic.ac006f14f6d49286b3e8.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CC9) /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
noto-sans-regular.bfa96228235216443a93.woff2
www.fifa.com/static/media/
|
153 KB
0
|
47ms
44ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/noto-sans-regular.bfa96228235216443a93.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CAA) /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-500.323014b9ce03a905066b.woff2
www.fifa.com/static/media/
|
48 KB
0
|
201ms
198ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/poppins-500.323014b9ce03a905066b.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4C87) /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-600.427f703758de281bb306.woff2
www.fifa.com/static/media/
|
49 KB
0
|
201ms
199ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/poppins-600.427f703758de281bb306.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CF7) /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-italic.c232e61555ffdea495db.woff2
www.fifa.com/static/media/
|
56 KB
0
|
202ms
200ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/poppins-italic.c232e61555ffdea495db.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CBF) /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
poppins-regular.80ad975e8fb5131f927c.woff2
www.fifa.com/static/media/
|
49 KB
0
|
203ms
201ms
|
Font
font/woff2 |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/media/poppins-regular.80ad975e8fb5131f927c.woff2
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CB9) /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
launch-ENf264c4ce0fad4ce4bf7503fd7be51245.min.js
Show response
assets.adobedtm.com/7db34e84caae/759763b5faef/
|
344 KB
0
|
0ms
0ms
|
Script
application/x-javascript |
2a02:26f0:480:98f::1e80
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
main.bundle.js
Show response
play.fifa.com/components/
|
129 KB
0
|
1ms
1ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
|
GET
H2
|
200
|
OtAutoBlock.js
Show response
cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/
|
140 KB
0
|
160ms
72ms
|
Script
application/x-javascript |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/OtAutoBlock.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- c85082bdf7f65c12bc734139c95a14b1a61778437d527b5097f0b025c1466c6c
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
otSDKStub.js
Show response
cdn.cookielaw.org/scripttemplates/
|
21 KB
0
|
143ms
56ms
|
Script
application/javascript |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
|
70 B
169 B
|
70ms
67ms
|
Other
text/javascript |
2606:4700:4400::6812:2089
CLOUDFLARENET
|
|
|
GET
H3
|
200
|
pdf.worker.min.js
Show response
cdnjs.cloudflare.com/ajax/libs/pdf.js/3.11.174/
|
1 MB
0
|
1ms
1ms
|
Script
application/javascript |
104.17.25.14
CLOUDFLARENET
|
|
|
GET
|
|
conviva-4.0.12.js
cdn.theoplayer.com/conviva/
|
0
0
|
|
|
|
|
|
GET
H2
|
200
|
themePalette
cxm-api.fifa.com/fifaplusweb/api/
|
41 KB
36 B
|
44ms
41ms
|
Other
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/themePalette
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frb/67D8) /
- Resource Hash
- 08315b37d81ba79c8c9aed8fcba2e94bd32a31936a738e6df91807c3b5dac14b
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains, max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff, nosniff |
X-Frame-Options |
sameorigin, sameorigin |
X-Xss-Protection |
1; mode=block, 1; mode=block |
|
GET
H2
|
200
|
main.08a90946.js
Show response
www.fifa.com/static/js/
|
1 MB
0
|
69ms
69ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/js/main.08a90946.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4C87) /
- Resource Hash
- 4365c26d3915a6bdfcaf0ea76c6d0cc2be7d50bdcedbe114352b1ade13880370
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
main.a77da6d6.css
www.fifa.com/static/css/
|
804 KB
0
|
201ms
200ms
|
Stylesheet
text/css |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/css/main.a77da6d6.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/de/rpmtapq-omoyxym-imqgirz?s_uid=556402247
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4C92) /
- Resource Hash
- 769ae378c495f1d9a455b8802ca968f38296ad43ad5d6ae828c84d813d20e517
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
996debe1-708b-4ebc-95c8-5b7ee0d77d76.json
Show response
cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/
|
6 KB
0
|
0ms
0ms
|
XHR
application/x-javascript |
2606:4700::6813:b234
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
4592.863b2c12.chunk.js
Show response
www.fifa.com/static/js/
|
23 KB
0
|
40ms
40ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/js/4592.863b2c12.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CD3) /
- Resource Hash
- 0d2fa9eff9a20c8ec29cd5e2658380d05c83e540158f32c3ba45371038ef652d
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
location
Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/
|
59 B
138 B
|
75ms
75ms
|
XHR
application/json |
2606:4700:4400::6812:2089
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
8675.e8954956.chunk.js
Show response
www.fifa.com/static/js/
|
55 KB
0
|
40ms
40ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/js/8675.e8954956.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CB2) /
- Resource Hash
- 606dec97dad76cdb2ee0a4015a3572f5041ae403d3cbd961490012f41b1a7ae3
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
4785.2f1cf0e2.chunk.css
www.fifa.com/static/css/
|
6 KB
0
|
41ms
41ms
|
Stylesheet
text/css |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/css/4785.2f1cf0e2.chunk.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CBD) /
- Resource Hash
- 6bd3febe528c5bf1bdab49dd95b8337ba701162f630ef29486c6243faa48b88c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
4785.e92e3b3d.chunk.js
Show response
www.fifa.com/static/js/
|
26 KB
0
|
42ms
42ms
|
Script
application/javascript |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/static/js/4785.e92e3b3d.chunk.js
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CF5) /
- Resource Hash
- 5d912ff4a517f634dabc5c2d4f3f47b2ed1fd800781b727d104bbad33b28fdda
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
headerManagement
Show response
cxm-api.fifa.com/fifaplusweb/api/
|
746 KB
35 B
|
45ms
45ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/headerManagement?locale=de
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frb/67F8) /
- Resource Hash
- 0b91c24903e4b6337b761236a55c65b4778ce83e4e09d8d9320641bfd4fe3f55
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains, max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff, nosniff |
X-Frame-Options |
sameorigin, sameorigin |
X-Xss-Protection |
1; mode=block, 1; mode=block |
|
GET
H2
|
200
|
favicon.ico
www.fifa.com/
|
7 KB
6 KB
|
44ms
44ms
|
Other
image/x-icon |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/favicon.ico?v=4c4914f90c578869e7375b03cf029202
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4CBF) /
- Resource Hash
- c901ef305f575cc439d58b0b1defc445a5e7c3caa878f78d8b58067617b98ce0
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
404
|
rpmtapq-omoyxym-imqgirz
Show response
cxm-api.fifa.com/fifaplusweb/api/pages/de/
|
98 B
235 B
|
642ms
642ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/pages/de/rpmtapq-omoyxym-imqgirz
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (amb/6AE1) /
- Resource Hash
- be3df0ad1b58d1ab2986c7952bab00762ebc052132f8d66d9737e2b3ecd7737f
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains, max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff, nosniff |
X-Frame-Options |
sameorigin, sameorigin |
X-Xss-Protection |
1; mode=block, 1; mode=block |
|
GET
H2
|
200
|
resources
Show response
cxm-api.fifa.com/fifaplusweb/api/
|
5 KB
1 KB
|
44ms
41ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/resources?locale=de&identifier=SearchLabels
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frb/6729) /
- Resource Hash
- 82becebc3ba7d0002ab4a7e8f418ff6a97ea0bc986db6fd9dbdd6831271ed1ea
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains, max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff, nosniff |
X-Frame-Options |
sameorigin, sameorigin |
X-Xss-Protection |
1; mode=block, 1; mode=block |
|
GET
H2
|
200
|
resources
Show response
cxm-api.fifa.com/fifaplusweb/api/
|
16 KB
3 KB
|
44ms
43ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/resources?locale=de&identifier=appNavigation
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frb/670A) /
- Resource Hash
- ba02912ace25d94b6310202cc56bac804423f82983d71fd9ce33b55046878fe9
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains, max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff, nosniff |
X-Frame-Options |
sameorigin, sameorigin |
X-Xss-Protection |
1; mode=block, 1; mode=block |
|
GET
H2
|
200
|
otBannerSdk.js
Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/
|
427 KB
103 KB
|
56ms
56ms
|
Script
application/javascript |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
- Requested by
- Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 35b480df2d3690b7262690598f87598bc6e3ab6303e94911f2c1b77a721d7b49
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
FIFA_Logo_White_Generic
digitalhub.fifa.com/transform/befe3a64-328b-453c-8b58-0faeb9103684/
|
1 KB
3 KB
|
153ms
41ms
|
Image
image/webp |
2600:9000:275d:fc00:11:c1cc:72c0:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
en.json
Show response
cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/149dcd24-9db6-4697-bcff-7ccc514c5265/
|
121 KB
27 KB
|
92ms
92ms
|
Fetch
application/x-javascript |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/consent/996debe1-708b-4ebc-95c8-5b7ee0d77d76/149dcd24-9db6-4697-bcff-7ccc514c5265/en.json
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b4349b838b952c4d391b77321d20b1b9608196f8daab8ef69f6dcc7daf51316a
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
iab2V2Data.json
Show response
cdn.cookielaw.org/vendorlist/
|
578 KB
74 KB
|
52ms
52ms
|
Fetch
application/x-javascript |
2606:4700::6813:b234
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
otTCF.js
Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/
|
39 KB
12 KB
|
57ms
57ms
|
Script
application/javascript |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/202311.1.0/otTCF.js
- Requested by
- Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b225b553da329022367ef9806c9820cbb60051aede8489749a879cfc3bed0677
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
otFlat.json
Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/
|
13 KB
3 KB
|
59ms
59ms
|
Fetch
application/json |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otFlat.json
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
otPcTab.json
Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/
|
63 KB
14 KB
|
55ms
55ms
|
Fetch
application/json |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/otPcTab.json
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 2bc6a125d698416498cdf5ef60cd959aef01db95a6e3e0d74a95f9b6d3d78feb
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
otCommonStyles.css
Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/
|
21 KB
4 KB
|
62ms
62ms
|
Fetch
text/css |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCommonStyles.css
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
ot_guard_logo.svg
Show response
cdn.cookielaw.org/logos/static/
|
497 B
515 B
|
52ms
51ms
|
Fetch
image/svg+xml |
2606:4700::6813:b234
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
fcm_rgbf_s.png
cdn.cookielaw.org/logos/a22264f8-9d14-4ab8-ab4b-a61925d0e901/f9cfefe8-45ba-46cf-8da1-2a27e1e35084/ff8bdf07-4d8b-47cf-ba45-a6f4cf46492c/
|
4 KB
4 KB
|
60ms
60ms
|
Image
image/png |
2606:4700::6813:b234
CLOUDFLARENET
|
|
General
- Full URL
- https://cdn.cookielaw.org/logos/a22264f8-9d14-4ab8-ab4b-a61925d0e901/f9cfefe8-45ba-46cf-8da1-2a27e1e35084/ff8bdf07-4d8b-47cf-ba45-a6f4cf46492c/fcm_rgbf_s.png
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6813:b234
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- bb5b84b03e2b10ce084ddccd3f8787dd0a436d1c39600c882a4f162b8a2ec161
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
|
5 KB
2 KB
|
53ms
52ms
|
Image
image/svg+xml |
2606:4700::6813:b234
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
resources
Show response
cxm-api.fifa.com/fifaplusweb/api/
|
770 B
471 B
|
294ms
293ms
|
XHR
application/json |
68.232.34.143
EDGECAST
|
|
General
- Full URL
- https://cxm-api.fifa.com/fifaplusweb/api/resources?locale=de&identifier=GenericErrorPage
- Requested by
- Host: www.fifa.com
URL: https://www.fifa.com/static/js/main.08a90946.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
68.232.34.143
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frb/67E1) /
- Resource Hash
- 1c5029b5a39b949f37bf7c8527eb4ab20d5d51a4beaf4ea20e34e246b221e823
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains, max-age=63072000; includeSubDomains |
X-Content-Type-Options |
nosniff, nosniff |
X-Frame-Options |
sameorigin, sameorigin |
X-Xss-Protection |
1; mode=block, 1; mode=block |
|
GET
H2
|
200
|
cast_sender.js
Show response
www.gstatic.com/cv/js/sender/v1/
|
4 KB
2 KB
|
150ms
52ms
|
Script
text/javascript |
2a00:1450:4001:828::2003
GOOGLE
|
|
|
GET
H2
|
200
|
404ErrorBg.png
www.fifa.com/
|
765 KB
770 KB
|
43ms
43ms
|
Image
image/png |
152.199.19.82
EDGECAST
|
|
General
- Full URL
- https://www.fifa.com/404ErrorBg.png?v=083772b65acbe30a94cdd7eb401c1670
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
152.199.19.82
, United States,
ASN15133
(EDGECAST, US),
- Reverse DNS
- Software
-
ECAcc (frc/4C8E) /
- Resource Hash
- c0c08521ddc9347e9f7cff8807d7b5cde991404fe195f2927ed3b4ba17a3b275
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.2mdn.net *.theoplayer.com *.youtube.com cdnjs.cloudflare.com vjs.zencdn.net static.tagboard.com *.minute.ly blob: *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.google.ly;worker-src 'self' blob:;script-src-attr 'unsafe-inline';default-src 'unsafe-inline' blob:;manifest-src 'self' 'unsafe-inline' blob:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.ttwstatic.com;img-src 'self' 'unsafe-inline' data: blob: *;media-src 'self' 'unsafe-inline' data: blob: *;connect-src 'self' localhost:* cxm-dev-gl-afd-001-apis-fifa.azurefd.net cxm-uat-gl-afd-001-apis-fifa.azurefd.net *.cloudfront.net *.mycujoo.tv *.mcls.live *.p5cdn.com *.theoplayer.com *.youtube.com *.uplynk.com *.minute.ly *.onetrust.com mycujoo-static-fastly.images.mcls.live cpt-services-fastly.images.mcls.live mycujoo-assets-fastly.images.mcls.live m-tv-fastly.images.mcls.live mycujoo-thumbs-fastly.images.mcls.live wss://mls-rt.mycujoo.tv cxm-dev-we-fas-001-search-api.azurewebsites.net cxm-uat-we-fas-001-search-api.azurewebsites.net *.fifa.com *.adnxs.com *.crwdcntrl.net *.doubleclick.net *.doubleclick.com *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.googleanalytics.com *.googlevideo.com *.tpcsyndication.com *.nice264.com *.npaw.com *.tealiumiq.com *.tiqcdn.cn *.tiqcdn.com *.youbora.com *.youborafds01.com *.youboranqs01.com *.youboranqs02.com *.gstatic.com adservice.google.cn adservice.google.co.uk adservice.google.com adservice.google.es analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org connect.facebook.net dc.services.visualstudio.com dpm.demdex.net fifa.hb-api.omtrdc.net platform.twitter.com sc-static.net static.ads-twitter.com tr.snapchat.com *.conviva.com *.instagram.com *.tiktok.com *.ttwstatic.com *.tiktokcdn.com *.tiktokcdn-us.com *.2mdn.net api.pingone.eu walls.io *.minute.ly;frame-ancestors 'self' https://apps.monterosa.cloud https://mtsa-blog.fifa.com;frame-src 'self' *.fifa.com *.doubleclick.net *.googlesyndication.com *.googleapis.com *.theoplayer.com *.walls.io https://fifa.demdex.net/ https://tags.crwdcntrl.net/ https://tr.snapchat.com/ https://www.facebook.com/ https://m.facebook.com/ https://www.google.com/ https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://scontent.cdninstagram.com/ https://www.tiktok.com/ https://fifa-interest-page-qa-app.azurewebsites.net/ https://fifa-interest-page-prd-app.azurewebsites.net/ https://fifa-registration-of-interest-qa-app.azurewebsites.net/ https://fifa-registration-of-interest-prd-app.azurewebsites.net/ https://apps.monterosa.cloud https://mtsa-blog.fifa.com https://embed.tagboard.com;form-action 'self' https://tr.snapchat.com/ https://www.facebook.com/;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';upgrade-insecure-requests |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
AppMeasurement.min.js
Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/
|
33 KB
12 KB
|
43ms
43ms
|
Script
application/x-javascript |
2a02:26f0:480:98f::1e80
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
AppMeasurement_Module_ActivityMap.min.js
Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/
|
3 KB
2 KB
|
41ms
41ms
|
Script
application/x-javascript |
2a02:26f0:480:98f::1e80
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
RC3e90751ecc394a4390a54c28a54c4633-source.min.js
Show response
assets.adobedtm.com/7db34e84caae/759763b5faef/b562ba05469d/
|
12 KB
4 KB
|
40ms
40ms
|
Script
application/x-javascript |
2a02:26f0:480:98f::1e80
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
cast_framework.js
Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/
|
35 KB
12 KB
|
54ms
53ms
|
Script
text/javascript |
2a00:1450:4001:828::2003
GOOGLE
|
|
|
GET
H2
|
200
|
cast_sender.js
Show response
www.gstatic.com/eureka/clank/125/
|
49 KB
15 KB
|
41ms
41ms
|
Script
text/javascript |
2a00:1450:4001:828::2003
GOOGLE
|
|
|